问题
I need help with this:
Our backend is secured by self-signed certificate. Lets call it: OurMegaCoolCertificate.cer
So, we have imported this certificate to our developers machines by using certmgr.msc. And now we can retrieve data from our backend using this code:
async public static Task<string> getData(string Id, string Type)
{
String url = "https://BACKEND/API/?Id=" + Id + "&Type=" + Type;
HttpClientHandler aHandler = new HttpClientHandler();
aHandler.ClientCertificateOptions = ClientCertificateOption.Automatic;
HttpClient aClient = new HttpClient(aHandler);
aClient.DefaultRequestHeaders.ExpectContinue = false;
aClient.DefaultRequestHeaders.MaxForwards = 3;
Uri requestUri = new Uri(url);
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUri);
//request.Headers.ExpectContinue = false;
var result = await aClient.GetAsync(requestUri, HttpCompletionOption.ResponseContentRead);
var responseHeader = result.Headers;
//Debug.WriteLine(responseHeader.WwwAuthenticate);
var responseBody = await result.Content.ReadAsStringAsync();
return responseBody;
}
But offcourse we can't tell users of our application, to install the certificate manually, is there a way to add this certificate to project and use it? Or import to users machine programmly? Please guide me, i'm new to SSL security
I have managed to do this, no errors, but request fails, looks like request doesn't find certificate:
private async void GetOverHere()
{
//await Windows.Security.Cryptography.Certificates.CertificateEnrollmentManager.InstallCertificateAsync("",InstallOptions.None);
StorageFolder packageLocation = Windows.ApplicationModel.Package.Current.InstalledLocation;
StorageFolder certificateFolder = await packageLocation.GetFolderAsync("Certificates");
StorageFile certificate = await certificateFolder.GetFileAsync("OurMegaCoolCertificate.cer");
IBuffer buffer = await Windows.Storage.FileIO.ReadBufferAsync(certificate);
string encodedString = Windows.Security.Cryptography.CryptographicBuffer.EncodeToBase64String(buffer);
await Windows.Security.Cryptography.Certificates.CertificateEnrollmentManager.InstallCertificateAsync(encodedString, InstallOptions.None);
}
Also we have tried to do this in manifest:
</Capabilities>
<Extensions>
<!--Certificates Extension-->
<Extension Category="windows.certificates">
<Certificates>
<Certificate StoreName="Root" Content="Assets\OurMegaCoolCertificate.cer" />
</Certificates>
</Extension>
And again, when we import using certmgr.msc to Trusted Root Certificates - all works
回答1:
I have managed to get this working:
I have added this in packagemanifest:
</Capabilities>
<Extensions>
<!--Certificates Extension-->
<Extension Category="windows.certificates">
<Certificates>
<Certificate StoreName="Root" Content="Assets\OurMegaCoolCertificate.cer" />
</Certificates>
</Extension>
But i have exported my certificate not using DER ( or something like that ), but as base64 and it worked. But all tutorials say that needs to be exported as DER...
来源:https://stackoverflow.com/questions/21041207/programmly-using-ssl-certificates-in-windows-8-app