4

I am working on a phone Windows 10 Universal Application. I am trying to connect to an OAuth server with auto-signed certificate.

When I open a web view to that server I get the error :

"Security certificate required to access this resource is invalid"

I wanted to use the following intstruction but ServicePointManager does not exist on Universal App.

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

Any idea how to bypass ssl validation on these apps ? Thanks.

Julien Coqueret
  • 186
  • 3
  • 5

1 Answers1

6

In Windows Runtime the webview should not ever go to an untrusted page, so you will meet the above exception.
In order to solve your problem, you need to include the Certificates on your UWP app or you have to Ignore SSL Certificate errors.

For how to include the Certificates on your UWP app, you need to add the “Certificate” Declaration to your Package.appxmanifest. enter image description here
For more information, please try to refer to this article: http://blogs.msdn.com/b/wsdevsol/archive/2014/06/05/including-self-signed-certificates-with-your-windows-runtime-based-windows-phone-8-1-apps.aspx

Yes, ServicePointManager is not available in the Windows Runtime app, in order to ignore SSL Certificate errors, we can use the HttpBaseProtocolFilter.IgnorableServerCertificateErrors | ignorableServerCertificateErrors property to help us. For more information, please try to refer to the following two articles:
http://blogs.msdn.com/b/wsdevsol/archive/2013/10/17/how-to-ignore-self-signed-certificate-errors-in-windows-store-apps-8-1.aspx.
https://bernhardelbl.wordpress.com/2013/06/28/ignore-ssl-certificate-errors-in-windows-8-1-apps/.

Amy Peng - MSFT
  • 1,902
  • 11
  • 14
  • Is it possible to use the HttpBaseProtocolFilter in connection with SignalR? – Storm Jan 19 '16 at 14:41
  • I tried the above method but it did not work. I have a Cordova applications for Windows 10 platform that is making an Ajax call over https that is self signed. I had put both values CA and Root in `Store Name` but it did not work. I keep getting an error with `{data: null, status:0}`. Any other suggestions? – hirenhcm Apr 17 '16 at 17:09
  • I have downloaded the server's certificate from firefox' "do-you-want-to-trust-it" - dialog, converted it from .crt to .cer (file did not change, though), and added it to my UWP app. However, when i connect to the server with a `ClientWebSocket` it throws a invalid certificate exception. Am i missing something? – Benni Mar 06 '17 at 22:56