You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I found a fix for a bug I'm encountering in a locked down network environment might be to pass the CERT_CHAIN_DISABLE_AUTH_ROOT_AUTO_UPDATE flag to CertGetCertificateChain unmanaged API which is part of X509Chain.Build()'s implementation of building the certificate chain.
Perhaps unfortunately, what the internal BuildChain wrapper function does is construct its flags for passing to CertGetCertificateChain by calling X509Utils.MapRevocationFlags(revocationMode, revocationFlag);
which will never set the flag to disable auth root auto update.
The text was updated successfully, but these errors were encountered:
I say perhaps because I feel it's still a weak argument - there is a viable alternative which is completely disable root authority auto updates on the machine by register policy. Maybe that's better since they're likely to fail for all the other processes as well, not just me.
I found a fix for a bug I'm encountering in a locked down network environment might be to pass the
CERT_CHAIN_DISABLE_AUTH_ROOT_AUTO_UPDATE
flag toCertGetCertificateChain
unmanaged API which is part of X509Chain.Build()'s implementation of building the certificate chain.Perhaps unfortunately, what the internal BuildChain wrapper function does is construct its flags for passing to CertGetCertificateChain by calling
X509Utils.MapRevocationFlags(revocationMode, revocationFlag);
which will never set the flag to disable auth root auto update.
The text was updated successfully, but these errors were encountered: