PKI Tutorials - Herong's Tutorial Examples

.NET Programs Communicating with HTTPS Servers

.NET Program Failed with CA Certificates Deleted

This section provides a tutorial example on testing .NET program on HTTPS communication with root CA certificates deleted - .NET program failed.

After disabling both root CA certificates, my .NET test program still works on https://login.yahoo.com. My last test is to delete both root CA certificates from the trusted certificate store.

1. Delete the first root CA certificate, "DigiCert High Assurance EV Root CA", from the trusted certificate store, using the certificate console.

2. Delete the second root CA certificate, "GTE CyberTrust Global Root", from the trusted certificate store, using the certificate console.

3. Run the .NET test program again: 

C:\herong>WebReader.exe https://login.yahoo.com

This time, an error message shows up: "Visual Studio Just-In-Time Debugger - An unhandled win32 exception occurred in WebReader.exe [3452]. Just-In-Time debugging this exception failed with the following error: No installed debugger has Just-In-Time debugging enabled. In Visual Studio, Just-In-Time debugging can be enabled from Tools/Options/Debugging/Just-In-Time. Check the documentation index for 'Just-in-time debugging, errors' for more information."

.NET Certificate Verification Failed
.NET Certificate Verification Failed

I am very happy to see the error message. This proves that .NET program does verify server certificate. This also proves that .NET program does use the trusted certificate store for root CA certificates. But this also proves that .NET program does not respect the "Disabled" flag on root CA certificates.

But why .NET gives such a useless error message? Read the next section for answers.

Last update: 2011.

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

 Introduction of HTTPS (Hypertext Transfer Protocol Secure)

 Using HTTPS with Google Chrome

 Using HTTPS with Mozilla Firefox

 HTTPS with IE (Internet Explorer)

 Perl Scripts Communicating with HTTPS Servers

 PHP Scripts Communicating with HTTPS Servers

 Java Programs Communicating with HTTPS Servers

 Windows Certificate Stores and Console

.NET Programs Communicating with HTTPS Servers

 System.Net.Request Class for HTTPS

 Test with CA Certificate Disabled

 Test with Second CA Certificate Disabled

.NET Program Failed with CA Certificates Deleted

 .NET Reporting Certificate Validation Failed

 CAcert.org - Root CA Offering Free Certificates

 PKI CA Administration - Issuing Certificates

 Comodo Free Personal Certificate

 Digital Signature - Microsoft Word

 Digital Signature - OpenOffice.org 3

 S/MIME and Email Security

 PKI (Public Key Infrastructure) Terminology

 Outdated Tutorials

 References

 Full Version in PDF/EPUB