I have solved the issue of getting web requests to work in Unity scripts in this answer: How to stop mono from preventing authentication - Questions & Answers - Unity Discussions
However, manually adding certs by command line for all computers that needs to run my build isn’t a great solution. I mean I guess from one of my scripts I could make a call to System.Diagnostics.Process.Start with the command I need. But that’s really hacky.
Is there a better way to include the root certs I need with my unity application, that travels with my build files, and can be installed along with the application on another computer? Or am I stuck with this hack?
Well I’ll go ahead and add a response to my own unanswered question… it turns out Mono uses a specific directory to store it’s certs. On windows the default location appears to be in [local user]\AppData\Roaming.mono\certs\Trust. So what you can do is use mozroots (using an elevated command prompt) to download the certs into this directory, then copy them to whichever machine needs them.
This gets me close! But the problem I have now is that I need this location to be in a place where all users can access, because I don’t want to have to manually copy these certs for each user on the machine. I wonder if there is a way to change the directory mono reads these certs from, or is it hard coded? Any ideas?
@stevesmith_styku You can import root certificates at runtime:
var path; //Path to root certificate
using (X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser)) {
store.Open(OpenFlags.ReadWrite);
store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(path))); //where cert is an X509Certificate object
}