Skip to content

In-proc certificate pinning validation override#6233

Merged
JohnMcPMS merged 11 commits into
microsoft:masterfrom
JohnMcPMS:cert-pin-override
May 20, 2026
Merged

In-proc certificate pinning validation override#6233
JohnMcPMS merged 11 commits into
microsoft:masterfrom
JohnMcPMS:cert-pin-override

Conversation

@JohnMcPMS
Copy link
Copy Markdown
Member

@JohnMcPMS JohnMcPMS commented May 19, 2026
edited
Loading

📖 Description

Adds the ability to override the certificate pinning validation with their own handler for in-proc COM callers. In-proc callers can provide a handler delegate on their PackageCatalogReference object(s) before calling Connect and will receive a callback when winget would execute a certificate pinning validation. If they accept the server connection, the certificate will be cached as it is with the internal check and automatically approved for any future connections.

Note that Connect may not actually trigger the callback if the /information for the catalog is already cached, but you must set the callback before the Connect call for it to be attached to the connected catalog for future use.

The callback can only be set for the MS Store catalog when the group policy BypassCertificatePinningForMicrosoftStore is not configured.

🔍 Validation

Added a sample CLI caller that provides the user with a prompt to accept or reject the connection. Manual validation of logs and caching behavior.
Added E2E tests for the callback.

Microsoft Reviewers: Open in CodeFlow

@JohnMcPMS JohnMcPMS requested a review from a team as a code owner May 19, 2026 17:13
@JohnMcPMS
Only apply GP blocker for store specifically, add sample usage to inc…
bb65b81 
…lude the catalog info, add tests for GP blocking
florelis
florelis reviewed May 19, 2026
View reviewed changes
Comment thread src/Microsoft.Management.Deployment/PackageManager.idl
Comment thread src/Microsoft.Management.Deployment/PackageCatalogReference.h
Comment thread src/Microsoft.Management.Deployment/PackageCatalogReference.cpp
Comment thread ...Microsoft.Management.Deployment.Projection/Microsoft.Management.Deployment.Projection.csproj
Comment thread src/AppInstallerSharedLib/Public/winget/Certificates.h Outdated
florelis
florelis reviewed May 19, 2026
View reviewed changes
Comment thread src/Microsoft.Management.Deployment/PackageManager.idl
yao-msft
yao-msft reviewed May 20, 2026
View reviewed changes
Comment thread samples/ConnectionValidationSample/ConnectionValidationSample.csproj Outdated
Comment thread src/Microsoft.Management.Deployment/PackageCatalogReference.cpp Outdated
yao-msft
yao-msft reviewed May 20, 2026
View reviewed changes
Comment thread src/Microsoft.Management.Deployment/PackageCatalogReference.cpp Outdated
@JohnMcPMS JohnMcPMS merged commit cf184b7 into microsoft:master May 20, 2026
9 checks passed
@JohnMcPMS JohnMcPMS deleted the cert-pin-override branch May 20, 2026 22:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yao-msft yao-msft yao-msft left review comments

@florelis florelis florelis approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JohnMcPMS @florelis @yao-msft