Downloading file over HTTPS not working for all files

[Berco Beute]

In my C# .Net CF 3.5 app for a Windows CE 5 device I can easily
download an XML from one of my servers over HTTPS, but somehow it
constantly fails when I want to download a binary file. I am testing
it on a real device connected via USB cable to my computer. The
exception that is thrown can be seen below. If I move the same file to
another server where it still is served over HTTPS there is no problem
at all.

I have tried all possible header combinations and even checked whether
the server first sends an "empty encryption packet" as described here:

http://blogs.msdn.com/b/andrewarnot...ork-fails-to-call-some-https-web-servers.aspx

That wasn't the case, and if it was it would show up when downloading
the XML file as well. I have the feeling I am out of options here. Any
suggestions would be highly appreciated.

=== HEADERS =================

getString.Append("Host: www.somehost.com\r\n");
getString.Append("User-Agent: Windows Mobile 5 CE\r\n");
getString.Append("Accept: text/html,application/xhtml+xml,application/
xml;q=0.9,*/*;q=0.8\r\n");
getString.Append("Accept-Encoding: gzip,deflate\r\n");
getString.Append("Keep-Alive: 300\r\n");
getString.Append("Connection: keep-alive\r\n");
getString.Append("Content-Type: application/octet-stream\r\n");
getString.Append("Accept-Language: en-us,en;q=0.5\r\n");
getString.Append("Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r
\n");


=== EXCEPTION ================
Unable to read data from the transport connection.

at System.Net.HttpWebRequest.finishGetResponse()
at System.Net.HttpWebRequest.GetResponse()
at app.FileDownloader.downloadFile(String downloadUrl, String
localFile)
at app.SelectEventForm.onOKButtonClick(Object sender, EventArgs e)
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.ButtonBase.WnProc(WM wm, Int32 wParam,
Int32 lParam)
at System.Windows.Forms.Control._InternalWnProc(WM wm, Int32
wParam, Int32 lParam)
at Microsoft.AGL.Forms.EVL.EnterMainLoop(IntPtr hwnMain)
at System.Windows.Forms.Application.Run(Form fm)
at scanware.Scanware..ctor()
at scanware.Program.Main()
===================

 

[Berco Beute]

It is because the server is using a wildcard certificate
(*.domain.com) which Windows Mobile 5 doesn't support. I'm quoting
from:

http://www.sslshopper.com/best-ssl-wildcard-certificate.html

"Disadvantages of SSL Wildcard Certificates:
Mobile Device Compatibility. Some popular mobile device operating
systems, including Windows Mobile 5, don't recognize the wildcard
character (*) and therefore can't use a wildcard certificate. If you
need to support these devices you will need to use a single
certificate, a UC certificate, or a wildcard certificate with Subject
Alternative Names."

Pretty bad luck.

 

[Berco Beute]

On second thought that doesn't explain the fact that I CAN download an
XML file from the exact same server over HTTPS. The only difference
with the call that fails is that the latter is a binary file (content-
type: application/octet-stream).

I've tried setting a custom ServicepointManager.CertificatePolicy
property:

http://www.eggheadcafe.com/community/aspnet/7/10011/first-is-a-matching-cert.aspx

That didn't help either. Somehow my custom CheckValidationResult
method (which always returns 'true') never gets called.

Now the question is at exact which moment the problem occurs. Is it
because of wildcard certificates? Because of binary data?