Validating SSL\TLS certificate in Unity

Question

I have a problem with certificate validation in unity. Im using .Net class HttpWebResponse to make requests and provided callback function to ServicePointManager.ServerCerti

Answer 1

You can install certificate via X509Store. The installation is persist so only need to call once. According to X509Certificate2 create a cert from Base64 or DER bytes. It can be exported by openssl: openssl x509 -inform DER -in YOUR_ROOT_CER.cer -out YOUR_BASE64_PEM.pem.

private static void InstallCertificate(byte[] cert)
{
    X509Certificate2 certificate = new X509Certificate2(cert);
    X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadWrite);
    store.Add(certificate);
    store.Close();
}

Make attentions to StoreLocation.CurrentUser pointed to /data/data/<your.package.name>/.mono/ while StoreLocation.LocalMachine is /usr/xxx/.mono on android.