How to ignor self signed certificates with System.Net.Http.HttpClient in Universal Windows App

Question

I am creating a Portable Class Library which means I must use System.Net.Http.HttpClient to call my web APIs as far as I understand. The challenge is that for my Universal Windows App, I cannot figure out how to ignore the error that is returned due to the fact the fact the API server can have a self signed certificate. Any suggestions would be greatly appreciated.

UPDATE: I cannot import any certificates as this will be an application that runs on various devices in various organizations and is not practical to have them import a self signed certificate onto every device running the application.

Answer 1

Not an option since System.Net.ServicePointManager.CertificatePolicy is not available in UWP. If you use Windows.Web.Http.HttpClient instead, then you can ignore self signed certificates.

UPDATE:

In a second thought, you can ignore self signed certificate errors if you add it to the root certificates of the app.

Two options:

• Install it with APIs:

  IBuffer buffer = await FileIO.ReadBufferAsync(file);
  Certificate rootCert = new Certificate(buffer); 
  CertificateStore rootStore = CertificateStores.TrustedRootCertificationAuthorities;
  rootStore.Add(rootCert);
  

• Include it in you Package.appxmanifest > Declarations > Certificates > Add and set:

  • Store name: root
  • Content: path to certificate file

With any of both options, you will stop getting:

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.