locked
Select a certificate window - Client certificate

    Question

  • I managed to use client certificates and everything works just fine until today.

    Well, when I have one certificate imported, there I can not see any problems, but as I import another certificate I've got this strange behaviour: for every client.PostAsync program opens me a window called "Select a certificate window".

    I thought this window will appear only once, when first post occur. But it looks like I have to keep choosing certificate for each and every post. How can I repair that?

    My posts looks like this one bellow:

    JsonObject postItem = new JsonObject();
    postItem.Add("username", JsonValue.CreateStringValue(username));
    postItem.Add("password", JsonValue.CreateStringValue(password));
    HttpStringContent content = new HttpStringContent(postItem.Stringify(), Windows.Storage.Streams.UnicodeEncoding.Utf8, "application/json");
    
    using (var resp = await ((App)(App.Current)).globalClient.PostAsync(new Uri(((App)(App.Current)).apiLink + "/login.json"), content))
    { ... }

    • Edited by Klemzy2013 Friday, February 21, 2014 9:17 AM
    Friday, February 21, 2014 8:51 AM

Answers

  • If you have multiple certificates installed in the app container store, then you can programmatically query for and add a certificate of your choice to HttpClient…That will prevent the default behavior - default dialog to be displayed.

    For example, do something like this:

                CertificateQuery query = new CertificateQuery();            
                IReadOnlyCollection<Certificate> certs = await CertificateStores.FindAllAsync(query);
    
                // Here certs collection will contain all certificates that you’ve installed in your app container. 
                // If you want to select the first certificate, reference it like this:
                HttpBaseProtocolFilter bpf = new HttpBaseProtocolFilter();
                bpf.ClientCertificate = certs.ElementAt(0);
    
                HttpClient client = new HttpClient(bpf);
                // then call httpClient.PostAsync....


    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    • Marked as answer by Klemzy2013 Friday, February 21, 2014 11:24 PM
    Friday, February 21, 2014 9:45 PM
    Moderator

All replies

  • This is not strange behavior, it is by-design.  You have created multiple certificates which may be valid for the resource requested, so the app cannot decide which one you want to use. Because of this, it must ask that you make the decision with every request.

    To get rid of this behavior, remove a certificate.


    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.


    Friday, February 21, 2014 8:46 PM
    Moderator
  • This is not strange behavior, it is by-design.  You have created multiple certificates which may be valid for the resource requested, so the app cannot decide which one you want to use. Because of this, it must ask that you make the decision with every request.

    To get rid of this behavior, remove a certificate.


    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.


    Ok, that's bad I think. What if user have more than one certificate installed...this mean he will have to choose for certificate each and every time...
    Friday, February 21, 2014 9:26 PM
  • If you have multiple certificates installed in the app container store, then you can programmatically query for and add a certificate of your choice to HttpClient…That will prevent the default behavior - default dialog to be displayed.

    For example, do something like this:

                CertificateQuery query = new CertificateQuery();            
                IReadOnlyCollection<Certificate> certs = await CertificateStores.FindAllAsync(query);
    
                // Here certs collection will contain all certificates that you’ve installed in your app container. 
                // If you want to select the first certificate, reference it like this:
                HttpBaseProtocolFilter bpf = new HttpBaseProtocolFilter();
                bpf.ClientCertificate = certs.ElementAt(0);
    
                HttpClient client = new HttpClient(bpf);
                // then call httpClient.PostAsync....


    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    • Marked as answer by Klemzy2013 Friday, February 21, 2014 11:24 PM
    Friday, February 21, 2014 9:45 PM
    Moderator
  • If you have multiple certificates installed in the app container store, then you can programmatically query for and add a certificate of your choice to HttpClient…That will prevent the default behavior - default dialog to be displayed.

    For example, do something like this:

                CertificateQuery query = new CertificateQuery();            
                IReadOnlyCollection<Certificate> certs = await CertificateStores.FindAllAsync(query);
    
                // Here certs collection will contain all certificates that you’ve installed in your app container. 
                // If you want to select the first certificate, reference it like this:
                HttpBaseProtocolFilter bpf = new HttpBaseProtocolFilter();
                bpf.ClientCertificate = certs.ElementAt(0);
    
                HttpClient client = new HttpClient(bpf);
                // then call httpClient.PostAsync....


    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    Ok, I will try this solution, thanks.

    I just want to know if is possible to get index of choosen certificate? So from the moment, when user choose one certificate, program will be able to automatically set certificate using your solution. But only if I can get index of choosen certificate.


    • Edited by Klemzy2013 Friday, February 21, 2014 10:25 PM
    Friday, February 21, 2014 10:25 PM
  • When the default dialog is shown, your app doesn't get a callback saying which index the user chose. The approach above is to prevent the dialog box from being shown. You either display the dialog box or you control the client certificate programmatically. You can't have both.

    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    Friday, February 21, 2014 10:31 PM
    Moderator
  • When the default dialog is shown, your app doesn't get a callback saying which index the user chose. The approach above is to prevent the dialog box from being shown. You either display the dialog box or you control the client certificate programmatically. You can't have both.

    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    Ok, I understand. Thanks
    Friday, February 21, 2014 11:24 PM