How avoid WinINet server certificate check

Question

Hi Platform: Win32 project, VC++ In my app I use wininet to download some files, and I set security flags like below but some times I get error 12057. How fix it?! I have to remove security checks from Internet Option to fix problem! Thanks

```cpp
hHttpFile = HttpOpenRequest(hConnect, ...);

 DWORD dwSecurityFlags = 0;
 DWORD dwBufferLen = sizeof(DWORD);
if (InternetQueryOption(hHttpFile, INTERNET_OPTION_SECURITY_FLAGS, &dwSecurityFlags, &dwBufferLen))
{		
	dwSecurityFlags |= SECURITY_FLAG_IGNORE_UNKNOWN_CA		
	| SECURITY_FLAG_IGNORE_REVOCATION		
	| SECURITY_FLAG_IGNORE_WEAK_SIGNATURE		
	| SECURITY_FLAG_IGNORE_WRONG_USAGE		
	| SECURITY_FLAG_IGNORE_CERT_CN_INVALID		
	| SECURITY_FLAG_IGNORE_CERT_DATE_INVALID;		
	ATLVERIFY(InternetSetOption(hHttpFile, INTERNET_OPTION_SECURITY_FLAGS, &dwSecurityFlags, sizeof(DWORD)));
}

Answer 1

Hello,

Welcome to Microsoft Q&A!

ERROR_INTERNET_SEC_CERT_REV_FAILED: 12057 Revocation of the SSL certificate failed.

As you said, you have to remove security checks from Internet Option to fix problem. As far as I'm concerned, there are two ways to fix 12057.

1, Through the code:

You could try to append SECURITY_FLAG_IGNORE_REVOCATION to INTERNET_OPTION_SECURITY_FLAGS to ignore certificate revocation problems. Refer to the Doc: Setting and Retrieving Internet Options

2, Through UI settings:

You could try to set the internet properties via the UI: Internet Properties -> Advanced ->Security.

Thank you.

Jeanine

---

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.