Question
I need your help one more time.
I can't get how to successfully establish a StreamSocket connection from Metro application to untrusted root certificate host.
I'm connecting like this:
https://stackoverflow.com/questions/17890257
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianawait socket.ConnectAsync(new HostName("_UNTRUSTED_HOST_IP_ADDRESS_"), "_SSL_PORT_", SocketProtectionLevel.Ssl);
And it fails :(
I can't establish a plain HTTP connection because of the host restriction.
Some say that I need to make a proxy server that will forward SSL queries to that untrusted host and which will mark this connection as trusted.
But how to do it? I didn't get it for now :(
I'm using Squid on my CentOS web-server and did this to squid.conf:
acl TrustedHosts url_regex _UNTRUSTED_HOST_IP_ADDRESS_
sslproxy_cert_error allow TrustedHosts
sslproxy_cert_error deny all
I need StreamSocket, because I must read to and write from the socket to make some valuable actions.
If anyone can help me with this...
Solution
I did it by modifying the Control of the StreamSocket that way :
_streamSocket.Control.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted);
_streamSocket.Control.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName);
ChainValidationResult contains multiple options, choose the one best suited for you.
