none
Verify server certificate manually using WCF in Windows Store application (Windows 8.1/Windows 10) RRS feed

  • Question

  • I've already asked this question on SO (http://stackoverflow.com/questions/40089215/winrt-handling-wcf-certificate-error), but digging deeper additional questions appeared. Below is original question:

    How can I handle WCF certificate error on WinRT application (I need to support both Windows 8.1 and Windows 10)? I was thinking to create CustomCertificateValidator and set it to ClientCredentials.ServiceCertificate.SslCertificateAuthentication.CustomCertificateValidator, but ServiceCertificate is not available for me.

    Is there any alternative? I've also looked through available binding elements in order to create custom binding, but haven't found any solution yet.

    I've tried following bindings:

    System.ServiceModel.BasicHttpBinding result = new System.ServiceModel.BasicHttpBinding();
    result.MaxBufferSize = int.MaxValue;
    result.ReaderQuotas = System.Xml.XmlDictionaryReaderQuotas.Max;
    result.MaxReceivedMessageSize = int.MaxValue;
    result.AllowCookies = true;
    result.OpenTimeout = new TimeSpan(0,1,0);
    result.CloseTimeout = new TimeSpan(0,1,0);
    result.ReceiveTimeout = new TimeSpan(0,10,0);
    result.SendTimeout = new TimeSpan(0,10,0);
    // Service always works over SSL
    result.Security.Mode = BasicHttpSecurityMode.Transport;
    return result;
    
    var result = new CustomBinding(
        new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8) {
            ReaderQuotas = XmlDictionaryReaderQuotas.Max
        },
        new HttpsTransportBindingElement() {
            MaxBufferSize = int.MaxValue,
            MaxReceivedMessageSize = int.MaxValue,
            AllowCookies = true
        });
    result.OpenTimeout = new TimeSpan(0,1,0);
    result.CloseTimeout = new TimeSpan(0,1,0);
    result.ReceiveTimeout = new TimeSpan(0,10,0);
    result.SendTimeout = new TimeSpan(0,10,0);

    During my investigation I've found following BindingElement: SslStreamSecurityBindingElement. Documentation says that it is supported in WinRT, but WinRT implementation doesn't expose any properties. What's the purpose of this class then? How can it can be used? Initially I thought to use custom IdentityVerifier with overriden CheckIdentity method, but there is no this property on WinRT.

    What's the purpose of this class? How is it intended to be used?

    Or how can I handle server sertificate in any other way?

    Thanks,

    Sergey


    Tuesday, October 18, 2016 11:34 AM

All replies