The problem with running WinInet in a service is that WinInet uses settings from the registry for SSL information, proxy information, and more. Services do not load the HKEY_CURRENT_USER registry hive, so this information is not available.
Warning: Microsoft does not support using WinInet APIs within the context of a System Service.
WinInet APIs report access violations when used from the service over the SSL with Internet Explorer 5.0 installed.
In order to understand the limitations unique to using WinInet in a server environment, it is necessary to understand WinInet's history. WinInet was developed for use by Internet Explorer. In fact, to use later versions of WinInet, you must load a minimal installation of Internet Explorer (see the References section in this article). WinInet also exposes APIs for use by other client applications that wish to access resources on the Internet (or intranet). It is important to recognize the environment in which WinInet was developed and tested in order to understand the appropriate use for the DLL. WinInet was developed for use in a client environment. Although it is still acting as a client when it is running in an ISAPI DLL, it is running in a server environment in this case.
Client Environment: A Person Running the Internet Explorer
- Relatively low number of requests
- Requests made relatively consecutively
- Host application lifetime is short (length of browser session
- High number of requests per second
- Multiple threads making requests concurrently
- Must run for weeks or months
Another solution is to use sockets directly the Platform SDK includes a sample that demonstrates how to use the WinSock over the SSL. You'll find a sample in the \Microsoft Platform SDK\Samples\Winbase\Security\Ssl folder of the SDK.
Another problem to be aware of when using WinInet in a server environment is the two-connection limit imposed by Internet Explorer. This subject is covered in the following Knowledge Base article: