Thread: HttpSendRequestA doesnt return 12045 every time when the usr is snding rqst to Server

In our environment, HTTP server is having the self-signed certificate which is not installed in client machine. We are using "HttpSendRequestA" function to send HTTPS request from client machine to HTTP server. So we got the below security warning pop up during user authentication in client machine. We proceed with user authentication by pressing “yes” in below pop up window. The same function "HttpSendRequestA" is sending the request to server when the client machine is coming out of sleep/hibernate, or Laptop having WIFI connection reconnected to the server after 1 or 2 hour. In this scenario,, we dint get the below security warning.
I have few question for the above situations.

1. Is there any chance for man in middle attack happen here?
2. Does the untrusted certificate stored in my machine temporally when we accept the below pop-up windows?
3. How to get the below pop up window when client network is changed?
4. How to get the below pop up window every time when the user is sending http request to HTTP server?
5. Do we have any settings in IE to get the below pop up window?

Appreciate for your help.
Security warning:
This page requires a secure connection which includes server authentication.

The certificate issuer for this site is untrusted or unknown. Do you wish to proceed?

Thanks for the information.

My problem is "Initially i connected to HTTP server by wifi connection using laptop, and then i disconnected to the server. Again connected to the same server using laptop after two hours but i dint get security warning pop up windows. I want to give security warning pop up windows in this situation. How to give the security warning pop up window?

Where can we find the untrusted certificate stored in client machine? I checked in untrusted certificate store after I accept the security warning but i dint find any info there.

Appreciated for your help.. I was looking into "Manage Revocation Checking Policy" but i dint get any info how to set security warning for subsequent https connection.

One more question:

I am getting security warning pop up window during intital user authentication. Afterwards successful authentication also, i am sending the https request to server having self signed certificate which is not installed in Client machine. why am i not getting security warning pop up for subsequent https request? Is this expected behaviour? Do we have any document in microsoft windows?

I am recreating handle every time. Still i am not getting the warning message.

Do you have document (RFC) to prove that we wont get the security warning for subsequent https request?

Yes, I am calling the "InternetErrorDlg()" function when "HTTPSendRequestA" function returns 0 (i.e Error). This function "HTTPSendRequestA" returns 0 in first time and subsequent calls it returns 1. Do you have any document(RFC) this scenario is expected one? If not, Do you have any option to fix this issue?

I got the security warning pop message for subsequent https connections when i set the flag the "SECURITY_FLAG_IGNORE_REVOCATION" before calling the "HTTPSendRequestA" function. May i know the reason behind this?