SSL on CF ( Trust Failure )

M

m2abhi25

Hi,

Im facing a problem with my .Net Compact Frmework aplication deployed
on a PocketPc device.

Im trying to send an "https://" request from my application. I have
already installed the CA certificate on ROOT certificate directory of
device. Than also an exception is being thrown, which shows the
message as "Trust Failure".

Can anyone tell me how can I solve this problem ?


Thanks,
 
P

Paul G. Tobey [eMVP]

Just copying certificate data files doesn't do anything, in my experience.
Use the Certificates applet in the Control Panel to add the certificate to
the trusted list...

Paul T.
 
M

m2abhi25

Hi Paul,

Thanks for your reply.

It's not the case about Windows. Actually Im trying to do it from a
PocketPc device.

I checked the Root Certificate Store of device and I found that it
contains the CA certificate.

Than also my application throws an exception "Trust Failure".

If Certificate is there than why the exception is being thrown.


Thanks,
 
P

Paul G. Tobey [eMVP]

Examine the exception in detail. They usually contain enough information to
help debug the problem.

Paul T.
 
M

m2abhi25

Yup I examined and It's same as I mentioned.

Paul, can you just explain that how the certificate validation is done
in .Net Compact Framework 2.0.

I did all the stuffs like installing various certificates, defining my
own policy classes, etc.

When I define my own policy class than I got the response from server
but we cannot go for this approach since either somehow we have to
verify the server certificate or we have to return "true" from
"CheckValidation" method of policy class.
And this will always return true, which cannot be an ideal approach
for a application on user end.

When I dont define my own policy class, problem is always there with
the application.

Can you guide me for sometime, It seems so problematic to handle


Please reply,
 
P

Paul G. Tobey [eMVP]

Not for SSL, no. I've done certificate validation using the Crypto API
(native code), generally, and that seems to work for me. For certificate
validation for things like PEAP in WiFi, it works, too. I suppose that you
could use the Crypto API, or its wrapper in OpenNETCF, to do your own
validation in the CheckValidation method. Not sure why that's not what is
happening automatically for you. The error code from the exception should
have told you that the certificate was not trusted, or outdated, or
whatever, I would have thought.

Paul T.
 
M

m2abhi25

Hi Paul,

I think we are missing something. First of all my application is
on .Net Compact Framework 2.0 for Pocket PC 2003 Second Edition
Device. I prepared a sample application and deployed it to the device

You are right, It happens automatically. But only for some of the
servers, for some other ones im getting this exception.

The problem is that exception does not contain any information that
why the certification validation has failed. The reason may be an
expired date, invalid domain name, etc. But exception only shows that
a trust failure has occured. So I am not able to find exact cause of.

Also in .Net Compact Framework 2.0 there are limitations like a I can
not define my own certificate chian, no certificate store, etc.
 
K

Kay-Christian Wessel

I've had the same problems when doing this with compact framework 1.0
earlier. I bought a third party product to solve this problem. If money is
not a problem I would do this. I've recently upgraded to CF 2.0 and it still
works. I think you will find lots of 3rd party products out there if you do
a search.

Best regards
Kay-Christian
 
M

m2abhi25

Hi Christian,

Thanks for your interest.

You are right, lots of third party tools are available in the market,
if required we can use one of them. But we have our limitation so we
are not able to use them.

Coming to the problem, actually I was facing problem because of the
limitation of .Net CF 2.0 base functionalities. I got the solution for
that which is installing ".Net CF Service Pack 2" on the device. Some
of the issues related to SSL are solved in this release. You can
search for that if required.

This is a known issue in the NETCF and has been on .Net CF Service
Pack 2 which you can download below:

http://www.microsoft.com/downloads/...2f-07b5-4a8c-8a44-b4e1b196d5c0&DisplayLang=en

I have verified that after .Net CF Service Pack 2(2.0.7045.0) is
installed. the failure no longer reproduces.



Thanks,

Abhilash
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

HttpWebRequest in .NET CF 2.0 - Sent XML File over 34K Corrupted 5
HTTPS (SSL) on PPC 2
SSL And ClickOnce 0
TLS/SSL deferred handshake 2
Trusted CA question 3
CF 2.0: Problem with DataGrid and decimal column 12
Expert assistance needed with Xo9 interoperability with IBM integration server via HTTP POst.(Urgent 4
Deploying .NET CF 2.0 SP1 to Audiovox SMT5600 3

Top