如何信任Windows商店应用程序中的自签名证书

时间:2012-10-29 10:19:38

标签: windows-store-apps

我试图覆盖Windows应用商店应用中的证书验证,以接受两个外部服务上的自签名证书(使用HttpClient),以允许Windows 8应用接受证书并建立SSL的信任关系

编辑: 我实施了此处记录的方法:Installing certs by using the appmanifest

并将相关的.cer文件添加到我的应用程序中,并确保它们是“内容”和“始终复制”。

我的package.appxmanifest Extensions部分如下所示:

  <Extensions>
<Extension Category="windows.certificates">
  <Certificates>
    <Certificate StoreName="TrustedPeople" Content="Assets\ReportingServices.cer" />
    <Certificate StoreName="TrustedPeople" Content="Assets\Crm.cer" />
    <Certificate StoreName="CA" Content="Assets\DigiCertHighAssurance.cer" />
    <TrustFlags ExclusiveTrust="true" />
    <SelectionCriteria AutoSelect="true" />
  </Certificates>
</Extension>

但这仍然不起作用。

我尝试将应用程序证书放在“Root”StoreName中,但仍然没有成功。有没有人有任何想法为什么这可能不起作用?

3 个答案:

答案 0 :(得分:1)

这有点旧,但看到有很多观察者,我会给出解决方案。

// Create the httpClient and send the request
HttpBaseProtocolFilter aHBPF = new HttpBaseProtocolFilter();
// If you want to ignore expired Certs
aHBPF.IgnorableServerCertificateErrors.Add(ChainValidationResult.Expired);
// Untrused because this is a self signed cert that is not installed
aHBPF.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted);
// Host names and certs names may not match
aHBPF.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName);

HttpClient httpClient = new HttpClient(aHBPF);
HttpResponseMessage response = await httpClient.SendRequestAsync(httpRequest, HttpCompletionOption.ResponseHeadersRead).AsTask(cts.Token);

答案 1 :(得分:1)

只是为了节省您的时间。我必须解决这个问题2天的反复试验。在这里你可以解决它。 将.cer文件添加到项目中,将构建操作设置为“内容”,复制为更新 然后将其添加到您的应用清单

<Capabilities>
    <Capability Name="sharedUserCertificates" />
    <Capability Name="enterpriseAuthentication" />
    <Capability Name="privateNetworkClientServer" />
    <Capability Name="internetClient" />
</Capabilities>


<Extensions>
<Extension Category="windows.certificates">
  <Certificates>
    <Certificate StoreName="Root" Content="Certificates\vibeapi.cer" />
      <TrustFlags ExclusiveTrust="true" />
       <SelectionCriteria AutoSelect="true" />
    </Certificates>
  </Extension>
</Extensions>

现在您可以使用此

访问该文件
//Testing https connection
HttpClientHandler msgHandler = new HttpClientHandler();

using (System.Net.Http.HttpClient httpClient = new System.Net.Http.HttpClient(msgHandler, true))
       {
          var HTTPSURL = new Uri("https://www.sample.net/");


       var response = await httpClient.GetAsync(HTTPSURL);
       var responseStr = await response.Content.ReadAsStringAsync();

       }

请参阅链接以供参考 help

答案 2 :(得分:0)

如果将cer文件放到项目根目录并将清单文件中的“内容”部分更改为Content =“file.cer”,它将起作用