I need help with this:

Our backend is secured by self-signed certificate. Lets call it: OurMegaCoolCertificate.cer

So, we have imported this certificate to our developers machines by using certmgr.msc. And now we can retrieve data from our backend using this code:

async public static Task<string> getData(string Id, string Type)
    {
        String url = "https://BACKEND/API/?Id=" + Id + "&Type=" + Type;
        HttpClientHandler aHandler = new HttpClientHandler();
        aHandler.ClientCertificateOptions = ClientCertificateOption.Automatic;
        HttpClient aClient = new HttpClient(aHandler);
        aClient.DefaultRequestHeaders.ExpectContinue = false;

        aClient.DefaultRequestHeaders.MaxForwards = 3;
        Uri requestUri = new Uri(url);
        HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUri);
        //request.Headers.ExpectContinue = false;
        var result = await aClient.GetAsync(requestUri, HttpCompletionOption.ResponseContentRead);

        var responseHeader = result.Headers;
        //Debug.WriteLine(responseHeader.WwwAuthenticate);

        var responseBody = await result.Content.ReadAsStringAsync();

        return responseBody;
    }

But offcourse we can't tell users of our application, to install the certificate manually, is there a way to add this certificate to project and use it? Or import to users machine programmly? Please guide me, i'm new to SSL security

I have managed to do this, no errors, but request fails, looks like request doesn't find certificate:

private async void GetOverHere()
    {
        //await Windows.Security.Cryptography.Certificates.CertificateEnrollmentManager.InstallCertificateAsync("",InstallOptions.None);
        StorageFolder packageLocation = Windows.ApplicationModel.Package.Current.InstalledLocation;
        StorageFolder certificateFolder = await packageLocation.GetFolderAsync("Certificates");
        StorageFile certificate = await certificateFolder.GetFileAsync("OurMegaCoolCertificate.cer");

        IBuffer buffer = await Windows.Storage.FileIO.ReadBufferAsync(certificate);
        string encodedString = Windows.Security.Cryptography.CryptographicBuffer.EncodeToBase64String(buffer);

        await Windows.Security.Cryptography.Certificates.CertificateEnrollmentManager.InstallCertificateAsync(encodedString, InstallOptions.None);


    }

Also we have tried to do this in manifest:

</Capabilities>
<Extensions>
<!--Certificates Extension-->
 <Extension Category="windows.certificates">
  <Certificates>
    <Certificate StoreName="Root" Content="Assets\OurMegaCoolCertificate.cer" />

  </Certificates>
</Extension>

And again, when we import using certmgr.msc to Trusted Root Certificates - all works

I have managed to get this working:

I have added this in packagemanifest:

</Capabilities>
<Extensions>
<!--Certificates Extension-->
<Extension Category="windows.certificates">
   <Certificates>
       <Certificate StoreName="Root" Content="Assets\OurMegaCoolCertificate.cer" />
   </Certificates>
</Extension>

But i have exported my certificate not using DER ( or something like that ), but as base64 and it worked. But all tutorials say that needs to be exported as DER...