Ignore certificate authority (self-signed) with BITS
-
18-09-2019 - |
Question
I'm trying to upload a file with a client application using BITS (Microsoft's Background Intelligent Transfer Service) via HTTPS. The development server I'm uploading to/testing with does not have a properly signed certificate for SSL (it's self-signed). This means that the transfer always errors out, as BITS recognizes that the certificate is self-signed and refuses to complete the job.
Is there any way to programmatically tell BITS ignore the certificate authority and complete the upload? I know there are ways to do this with the HttpWebRequest class in C#, but I don't know how to do this with BITS specifically.
Thanks!
Solution
I think BITS is throwing an exception not because it recognises the cert as being self-signed but rather that it recognises that the cert is not trusted by the client PC. You could try installing the cert in the Trusted Store on your client - I believe BITS will then work over HTTPS.
OTHER TIPS
Use /SETSECURITYFLAGS.
This really racked my brain for quite some time. I finally figured out you need to enter the number in decimal form. (not like it shows in technet as 0x0001)
C:>bitsadmin /SetSecurityFlags myDownloadJob 8
The 8 will make the "Ignore invalid certificate authority in server certificate :true"
30 will make all of the Ignores true.