Possible to disable download of issuer certificates in SslStream?

Asked Jun 17 '14 at 11:05

Active Jun 17 '14 at 15:33

Viewed 97 times

When using an SslStream to connect to an internal, trusted server using a self-signed CA certificate, I want to disable automatic downloading of issuer certificates.

The reason is that the certificate is broken in a way that it points to an invalid network location and thus stalls the connection for about 10 seconds on (almost) every SSL handshake.

Is this possible somehow?

edited Jun 17 '14 at 15:33

asked Jun 17 '14 at 11:05

Krumelur

31,081
7
77
119

Have you tried using a certificate call back function? if the cert being loaded is the 'dodgy' one I guess you could redirect there? – Mike Miller Jun 17 '14 at 11:10
Unfortuately, the cert chain resolution is done *before* that callback is being called. It seems the actual resolution is done in CAPI in native code – Krumelur Jun 17 '14 at 11:15
How can the self-signed certificate require search for the issuer certificate? – Eugene Mayevski 'Callback Jun 17 '14 at 14:18
Clarification: the CA cert is self-signed. – Krumelur Jun 17 '14 at 15:33

Possible to disable download of issuer certificates in SslStream?

0 Answers0