I work on a .NET application that runs multiple download HTTP requests at the same time. We recently added support for client-side certificates to authenticate to a customer controlled server.
When Windows is configured in a very high security manner, the user needs to manually give our application permission to use the certificate once during the lifetime of our process.
We hit a bug in .NET where, if we start multiple HTTP requests at the same time that use the same certificate, and the user needs to approve our use of the certificate, the user will get multiple request dialogues.
The fix is a very convoluted lock statement, because if the user says no, the other HTTP requests that would be started at the same time need to be aborted.
What makes the lock statement more complicated is that we essentially need to lock right before the HTTP request starts, but then unlock when we are reading the stream. This means that the first time we use a client-side certificate, we have to disable multi-threading until we know that the client site certificate is approved by the user.
When Windows is configured in a very high security manner, the user needs to manually give our application permission to use the certificate once during the lifetime of our process.
We hit a bug in .NET where, if we start multiple HTTP requests at the same time that use the same certificate, and the user needs to approve our use of the certificate, the user will get multiple request dialogues.
The fix is a very convoluted lock statement, because if the user says no, the other HTTP requests that would be started at the same time need to be aborted.
What makes the lock statement more complicated is that we essentially need to lock right before the HTTP request starts, but then unlock when we are reading the stream. This means that the first time we use a client-side certificate, we have to disable multi-threading until we know that the client site certificate is approved by the user.