0

I am trying to access a certificate that was created using a C# UWP app from a managed C++ DLL within that same application. I can't however use the C# interface as I need to support SNI on this socket (As far as I can tell, UWP does not support SNI in a documented fashion that I could find; believe me, I've searched. I should also note that this is TCP, not HTTPS).

I've tried to find the UWP created certificate the "normal" wincrypt way, which is enumerating certificate stores (::CertEnumSystemStore) and then enumerating certificates (::CertEnumCertificatesInStore), as well as looked in certmgr and certutils, and can't find the certificate anywhere. Which leads me to believe that each application's certificates are cordoned off in their own silo and are only accessible via the UWP API, which doesn't allow custom control over how AcquireCredentialsHandle is called.

So my question is, is there a way of accessing the certificates created with UWP using the standard operating system encryption calls?

YodaGhost
  • 11
  • 2
  • Can you tell us why you want to access the certificate? And do you just want to get the certificate created by UWP app from the same application with c++ dll? Currently, what have you done successfully? – Faywang - MSFT Dec 18 '19 at 08:11
  • I need the certificate to establish an encrypted, native tcp communication channel with the server. Basically, replacing the UWP StreamSocket class with a WinSock2 socket and roll our own SNI (as StreamSocket does not support SNI). What I've done so far is I'm able to open all the UWP sockets using the UWP interface, and see each StoreName for the certificates, but the StoreName by itself does not contain the store location, which is needed to open a certificate store using wincrypt. – YodaGhost Dec 18 '19 at 13:04
  • Adding additional information, note that "the server" I refer to is our own server, and all communication happens from within the app. Unfortunately Windows.Security.Cryptography.Certificates.Certificate does not have what I need to pass on to AcquireCredentialsHandle() wincrypt2 function, which I need to use to set up for SNI. – YodaGhost Dec 18 '19 at 14:24

0 Answers0