May 27 2020 12:00 AM
I've been researching how to do SSL pinning for our UWP/WPF - MSIX app to secure the server communication.
Can somebody help me how MSIX plays into this? I have configured the packaging project with
<Extension Category="windows.certificates">
<Certificates>
<Certificate StoreName="root" Content="trustid-x3-root.cer"/>
<Certificate StoreName="root" Content="isrgrootx1.cer"/>
<TrustFlags ExclusiveTrust="true"/>
</Certificates>
</Extension>
From my reading of the documentation this should/could replace the machine trusted certificate store with only the two certificates that I have provided?
This does not seem to work neither for my packaged wpf app, nor for the packaged UWP app.
Any advice? Am I doing it wrong, or is this not something MSIX can help me with?
Jun 05 2020 01:51 PM
Hi @marvin_r,
Can you provide more details on what's not working, are you still able to connect to servers without those certs or are you getting an error when trying to connect?
Just some quick checks:
Have a look at these docs for more guidance. (the first link also includes using code checks as an option):
Cheers,
Tanaka