Uploaded image for project: 'Core ReactOS'
  1. Core ReactOS
  2. CORE-17735

WinHTTP returns ERROR_WINHTTP_SECURE_INVALID_CERT on almost every SSL website

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Duplicate
    • Major
    • None
    • None
    • None

    Description

      I made a test application that uses our winhttp.dll to crawl websites and return its content length. it works on http sites, but when it tries to test https sites, fails with error ERROR_WINHTTP_SECURE_INVALID_CERT, this error is returned by line 110 in dll/win32/winhttp/net,c

      https://git.reactos.org/?p=reactos.git;a=blob;f=dll/win32/winhttp/net.c;hb=10c9aa067f3f64f4828f77dbd385ca70ce15b4b5#l110

      Only a couple of https sites can be loaded (google.com and twitter.com), while any other site (tested facebook.com, bing,com and every *.reactos.org subdomain) fails with the mentioned error code.

      Seems that we are failing with cert validation, specially those signed by Let's Encrypt.

      Attached the test application and his source code, needs FreeBasic to be compiled.

      Attachments

        1. 0.4.14-RC-97-g3c1d046_rootCA_importOkay.png
          54 kB
          reactosfanboy
        2. test2_cloudflare_com_w2K3sp2.png
          108 kB
          DougLyons
        3. test2_cloudflare_com_WXPsp3.png
          145 kB
          DougLyons
        4. test2_reactos_org_w2K3sp2.png
          125 kB
          DougLyons

        Issue Links

          Activity

            People

              Unassigned Unassigned
              Julcar Julcar
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: