One not 100% reliable workaround would be to create a new bundle
PEM certificate file from the windows certificate stores when
the app starts before the context is initialized (see PemTool demo).
However if the CA certificate was not yet in the local Windows
store this method won't work :(

I've done in that a few applications, but I thought there would be a better way. This is for a small application that is downloaded for each run and I added the CA the company uses to keep the exe as small as possible
Some of our clients go "CA shopping", so you never know the CA to check.

You centainly don't want to know their answers whenever this happens, especially enterprise clients...


To unsubscribe or change your settings for TWSocket mailing list
please goto
Visit our website at

Reply via email to