locked
Perform UpgradeToSslAsync on a StreamSocket without revocation check

    Question

  • I am calling UpgradeToSslAsync on a StreamSocket.  The remote server has a certificate that is signed by a CA I trust.  However, the CA does not have a CRL server configured.  When I check the status of the UpgradeToSslAsync() call, I get the following exception:

    The revocation function was unable to check revocation because the revocation server was offline.

    Is there any way that I can ignore CRL checks when I call UpgradeToSslAsync?

    Thanks

    Wednesday, August 1, 2012 9:42 PM

All replies

  • Hello,

     

    Thanks for your feedback, I will involve more experts to investigate it.

     

    Best regards,

    Jesse


    Jesse Jiang [MSFT]
    MSDN Community Support | Feedback to us

    Monday, August 6, 2012 6:25 AM
  • Hello Michael,

    I think this thread should answer your question:

    http://social.msdn.microsoft.com/Forums/en-US/winappswithcsharp/thread/18adca2e-7e8c-40d0-a82a-9cbfd529097a

    I hope this helps,

    James


    Windows Media SDK Technologies - Microsoft Developer Services - http://blogs.msdn.com/mediasdkstuff/

    Monday, August 6, 2012 11:26 PM
    Moderator
  • Thanks for the reply.  I looked at the other post.  However, my issue is that both the client and server are customer deployed.  Therefore there isn't a single certificate that we can add to the app's manifest, to indicate the cert should be trusted by all clients.
    Monday, August 13, 2012 3:28 PM
  • Hello Michael,

    Unfortunately there is no support for programmatically installing a certificate from within the WinRT environment. All certificate negotiation takes place at the network layer and the process is not reflected into the WinRT space.

    I wish I had better news for you.

    -James


    Windows Media SDK Technologies - Microsoft Developer Services - http://blogs.msdn.com/mediasdkstuff/

    Tuesday, August 14, 2012 9:51 PM
    Moderator