• winhttp fails when try to send request with TLS from protected service

    From guffy.forums@gmail.com@21:1/5 to All on Fri Apr 6 07:27:16 2018
    hi

    we have protected our service with certificate in ELAM driver.
    (service has LaunchProtected=3)
    it used only on Windows 10 and on WinServer 2016 (we don't use it on win 8.1 and earlier OSes).

    On Windows 10 x64 (as example on 1703-16299.309) all works perfect.
    But on server 2016 x64 (1607-14393.2155) function WinHttpSendRequest fails with error 12175 ERROR_WINHTTP_SECURE_FAILURE

    1. Same remote server, same URL for both cases.
    2. If I set LaunchProtected=0 for the service on the 2016 server, then rebooted and then tried again - winhttp works well.
    3. Simple console application which uses winhttp, launched from user session and tries to download same file - works well on this 2016 server.

    So it looks like WinHttp+TLS is broken when use on 2016 serevr from protected service.

    How can we solve or workaround this issue? Right now I see only way to don't use service protection on 2016 until this will be fixed.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)