Search code examples
uwpdotnet-httpclient

Is it possible to bypass the server certificate check in HttpClient in UWP?

I have an existing UWP app that runs in kiosk mode on a Windows 10 LTSC (OS Build 17763.973) device at an enterprise client. It has worked well since 2019 using the following code:

Try
    Dim authClient As New Windows.Web.Http.HttpClient
    Dim authRequest = New Windows.Web.Http.HttpRequestMessage(Windows.Web.Http.HttpMethod.Post, New System.Uri(sAuthEndpoint))
    authRequest.Content = New Windows.Web.Http.HttpFormUrlEncodedContent(New Dictionary(Of String, String) From {
                {"client_id", "my_client_id"},
                {"client_secret", "my_client_secret"},
                {"scope", "my_scope"},
                {"grant_type", "my_grant_type"}
            })
    Dim authResponseMessage As Windows.Web.Http.HttpResponseMessage = Await authClient.SendRequestAsync(authRequest)
    authResponseMessage.EnsureSuccessStatusCode()

    Dim authString = Await authResponseMessage.Content.ReadAsStringAsync()
    Dim authValue As Windows.Data.Json.JsonValue = Windows.Data.Json.JsonValue.Parse(authString)
...
Catch ex As Exception
    Logging(ex.Message)
    If ex.InnerException IsNot Nothing Then
        Logging(ex.InnerException.Message)
    End If
End Try

Recently they wanted to try a new device, which to all intents is identical, but uses Windows LTSC (OS Build 17763.1339). The UWP code above now fails with:

An error occurred while sending the request. The text associated with this error code could not be found. The certificate authority is invalid or incorrect.

To be clear, this is the same deployment package that I built in 2019. The code has not changed. The enterprise server has not changed. The existing code on the old device still works.

I moved the code to WPF, replacing Windows.Web with System.Net and fixing the two method names, and the code worked without an error. However, the requirement for the app to run in Kiosk mode means I need it to be in UWP.

I tried replacing Windows.Web with System.Net in UWP, but get the same error as above.

I am guessing that this is something to do with the UWP security sandbox, and that it has changed between .973 and .1339. Can anyone suggest how I can resolve this?

Solution

  • An error occurred while sending the request. The text associated with this error code could not be found. The certificate authority is invalid or incorrect.

    The error description is a certificate error, and you can solve the problem by including Shared User Certificates in UWP Package.appxmanifest.

    <Capabilities><uap:Capability Name="sharedUserCertificates"/></Capabilities>