
Certificate Install Security Warning Workaround?

I have some C# 4.0 code that attempts to install a CA (.der encoded) certificate into the "Trusted Root Certification Authorities" store for the current (My) user. My little console app runs silently against other stores, but for this store a GUI popup comes up "You are about to install a certificate from a certification authority... Windows cannot validate that the certificate is actually from..... Do you want to install this certificate?"

This messagebox is a problem because the idea is to automatically deploy the app with an MSI and silently get the right certs in the right place. Having a modal box will kill automated deployment.

How can this installation be done without a deployment-breaking messagebox?

Snowy asked Nov 16 '10 17:11




1 Answer

It may sound illogical, but to have no warning you should add the certificate not to the Root certificate store of the current user, but to the Root of the local machine instead. You can easily verify that

certmgr.exe -add -c t.cer -s -r currentUser root

produces the security warning, but

certmgr.exe -add -c t.cer -s -r localMachine root

does not.

So if you want to import a certificate in .NET, the corresponding code could be about the following:

using System;
using System.Security.Cryptography.X509Certificates;

namespace AddCertToRootStore {
    class Program {
        static void Main (string[] args) {
            // Writing to the LocalMachine Root store requires administrator rights.
            X509Store store = new X509Store (StoreName.Root,
                                             StoreLocation.LocalMachine);
            store.Open (OpenFlags.ReadWrite);
            X509Certificate2 cert = new X509Certificate2 (@"C:\Oleg\t.cer");
            Console.WriteLine ("The certificate will be added to the Root...");
            store.Add (cert);
            Console.WriteLine ("Verify that the certificate was added successfully");
            Console.ReadKey ();
            // Demo only: the certificate is removed again after the key press.
            Console.WriteLine ("The certificate will be removed from the Root");
            store.Remove (cert);
            store.Close ();
        }
    }
}
Oleg answered Sep 27 '22 02:09
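Because the local-machine path shows no confirmation prompt, an unattended installer can check the file against a pinned fingerprint itself before trusting it. The following is an added example, not code from the answer above; the program name, the argument layout and the use of a SHA-256 fingerprint supplied by the deployer are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

namespace AddPinnedCertToRootStore {   // hypothetical name
    class Program {
        // Hex SHA-256 of the DER-encoded certificate, without separators.
        static string Sha256Hex (X509Certificate2 cert) {
            using (SHA256 sha = SHA256.Create ()) {
                return BitConverter.ToString (sha.ComputeHash (cert.RawData)).Replace ("-", "");
            }
        }

        // Usage (assumed layout): AddPinnedCertToRootStore.exe <ca.cer> <expected-sha256-hex>
        static int Main (string[] args) {
            if (args.Length != 2) {
                Console.Error.WriteLine ("usage: <ca.cer> <expected-sha256-hex>");
                return 2;
            }
            X509Certificate2 cert = new X509Certificate2 (args[0]);
            // Accept fingerprints written with ':' or spaces between bytes.
            string expected = args[1].Replace (":", "").Replace (" ", "");
            if (!string.Equals (Sha256Hex (cert), expected, StringComparison.OrdinalIgnoreCase)) {
                Console.Error.WriteLine ("Fingerprint mismatch, not trusting: " + cert.Subject);
                return 1;
            }
            X509Store store = new X509Store (StoreName.Root, StoreLocation.LocalMachine);
            try {
                // Fails with CryptographicException without administrator rights.
                store.Open (OpenFlags.ReadWrite);
                // Skip the add when the same certificate is already in the store.
                bool present = store.Certificates.Find (
                    X509FindType.FindByThumbprint, cert.Thumbprint, false).Count > 0;
                if (!present) {
                    store.Add (cert);
                }
            } catch (CryptographicException e) {
                Console.Error.WriteLine ("Could not update LocalMachine Root: " + e.Message);
                return 3;
            } finally {
                store.Close ();
            }
            return 0;
        }
    }
}
```

The non-zero exit codes let an MSI custom action fail the install instead of continuing with an unverified or missing root.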