
Using Window.Security.Cryptography.Cryptography.X509Certificates with UWP (UAP 10.0) for SSL pinning

Sandeep N 1 Reputation point
2021-12-16T17:49:55.797+00:00

I want to perform SSL pinning in my UWP app. My app runs on Visual Studio 2015 Update 3. I need to validate server certificates against our root CA. I am not able to get a reference to System.Security.Cryptography.X509Certificates; it is not available. Please let me know the alternatives here.

I have tried the below:

  1. Used Window.Security.Cryptography. The HTTPS request is invoked using:

         rootCertificate = caCertificateString;
         filter.CacheControl.ReadBehavior = HttpCacheReadBehavior.NoCache;
         filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted);
         filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName);
         filter.ServerCustomValidationRequested += FilterOnServerCustomValidationRequested;
         //filter.ClientCertificate = await this.getClientCertiifcate(posCertificateString, password);
         var httpClient = new Windows.Web.Http.HttpClient(filter);
         var httpContent = new Windows.Web.Http.HttpStringContent(requestObj, Windows.Storage.Streams.UnicodeEncoding.Utf8);

         httpContent.Headers.ContentType = Windows.Web.Http.Headers.HttpMediaTypeHeaderValue.Parse("application/x-www-form-urlencoded");
         var response = await httpClient.PostAsync(new Uri(URL), httpContent);

         string content = await response.Content.ReadAsStringAsync();
         JsonObject statusObject = new JsonObject();
         statusObject.Add("response", JsonValue.CreateStringValue(content));
         return content;

  2. How do we get the root CA details from the server certificate in args.ServerCertificate?
  3. What are the next steps to be done here? Which methods of the Certificate class should we use further for validation?

Please find my code here:

    private void FilterOnServerCustomValidationRequested(HttpBaseProtocolFilter sender, HttpServerCustomValidationRequestedEventArgs args)
    {
        try
        {
            byte[] bytes = System.Convert.FromBase64String(this.rootCertificate); // Our root CA. Need to validate against args.ServerCertificate

        }
        catch (Exception e)
        {
            args.Reject();
        }
    }

Developer technologies | Universal Windows Platform (UWP)
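
One way to complete the handler from the question using the `Windows.Security.Cryptography.Certificates` types, as an added example (not code from the original post): it builds the chain with the pinned root as the only trust anchor, validates it for SSL against the requested host name, and rejects the connection on any failure. The class name `RootPinningValidator` and its constructor parameter are hypothetical, and the root CA string is assumed to be the base64 of the DER-encoded certificate with no PEM header or footer lines.

```csharp
using System;
using System.Linq;
using System.Runtime.InteropServices.WindowsRuntime; // byte[].AsBuffer()
using Windows.Networking;
using Windows.Security.Cryptography.Certificates;
using Windows.Web.Http.Filters;

public sealed class RootPinningValidator // hypothetical helper, not a platform type
{
    private readonly Certificate pinnedRoot;
    private readonly byte[] pinnedRootHash;

    // rootCaBase64: assumed to be base64 of the DER-encoded root CA certificate.
    public RootPinningValidator(string rootCaBase64)
    {
        pinnedRoot = new Certificate(Convert.FromBase64String(rootCaBase64).AsBuffer());
        pinnedRootHash = pinnedRoot.GetHashValue("SHA256");
    }

    public async void OnServerCustomValidationRequested(
        HttpBaseProtocolFilter sender, HttpServerCustomValidationRequestedEventArgs args)
    {
        var deferral = args.GetDeferral(); // hold the request while the chain is built
        try
        {
            var build = new ChainBuildingParameters();
            build.ExclusiveTrustRoots.Add(pinnedRoot); // only our root may anchor the chain
            CertificateChain chain = await args.ServerCertificate.BuildChainAsync(
                args.ServerIntermediateCertificates, build);

            // Validate as a TLS server chain for the host that was actually requested.
            var validation = new ChainValidationParameters
            {
                CertificateChainPolicy = CertificateChainPolicy.Ssl,
                ServerDnsName = new HostName(args.RequestMessage.RequestUri.Host)
            };
            // Second, independent check: the built chain must contain the pinned root.
            bool containsPin = chain.GetCertificates(true)
                .Any(c => c.GetHashValue("SHA256").SequenceEqual(pinnedRootHash));

            if (chain.Validate(validation) != ChainValidationResult.Success || !containsPin)
                args.Reject();
        }
        catch (Exception) { args.Reject(); }   // fail closed on any parsing or build error
        finally { deferral.Complete(); }
    }
}
```

Subscribe it with `filter.ServerCustomValidationRequested += new RootPinningValidator(caCertificateString).OnServerCustomValidationRequested;`. Because the handler performs its own host name check, it still enforces name matching when the filter is configured to ignore `ChainValidationResult.InvalidName`.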
