public HttpClientHandler CreateDefaultHttpClientHandler() { var httpClientHandler = new HttpClientHandler(); var uriScheme = new Uri(this.Host).Scheme; if (uriScheme == "https") { if (SkipTlsVerify) { httpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; } else { httpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, SslCaCerts, certificate, chain, sslPolicyErrors)); }; } } AddCertificates(httpClientHandler); return(httpClientHandler); }
public WebSocketBuilder ExpectServerCertificate(X509Certificate2 serverCertificate) { Options.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, serverCertificate, certificate, chain, sslPolicyErrors)); }; return(this); }
/// <summary> /// Initializes a new instance of the <see cref="Kubernetes" /> class. /// </summary> /// <param name='config'> /// Optional. The delegating handlers to add to the http client pipeline. /// </param> /// <param name="handlers"> /// Optional. The delegating handlers to add to the http client pipeline. /// </param> public Kubernetes(KubernetesClientConfiguration config, params DelegatingHandler[] handlers) : this(handlers) { if (string.IsNullOrWhiteSpace(config.Host)) { throw new KubeConfigException("Host url must be set"); } try { BaseUri = new Uri(config.Host); } catch (UriFormatException e) { throw new KubeConfigException("Bad host url", e); } CaCert = config.SslCaCert; SkipTlsVerify = config.SkipTlsVerify; if (BaseUri.Scheme == "https") { if (config.SkipTlsVerify) { #if NET452 ((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; #else HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; #endif } else { if (CaCert == null) { throw new KubeConfigException("a CA must be set when SkipTlsVerify === false"); } #if NET452 ((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors)); }; #else HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors)); }; #endif } } // set credentails for the kubernernet client SetCredentials(config, HttpClientHandler); }
private void InitializeFromConfig(KubernetesClientConfiguration config) { if (BaseUri.Scheme == "https") { if (config.SkipTlsVerify) { #if NET452 ((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; #elif XAMARINIOS1_0 || MONOANDROID8_1 System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => { return(true); }; #else HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; #endif } else { if (CaCerts == null) { throw new KubeConfigException("A CA must be set when SkipTlsVerify === false"); } #if NET452 ((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, CaCerts, certificate, chain, sslPolicyErrors)); }; #elif XAMARINIOS1_0 System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => { var cert = new X509Certificate2(certificate); return(Kubernetes.CertificateValidationCallBack(sender, CaCerts, cert, chain, sslPolicyErrors)); }; #elif MONOANDROID8_1 var certList = new System.Collections.Generic.List <Java.Security.Cert.Certificate>(); foreach (X509Certificate2 caCert in CaCerts) { using (var certStream = new System.IO.MemoryStream(caCert.RawData)) { Java.Security.Cert.Certificate cert = Java.Security.Cert.CertificateFactory.GetInstance("X509").GenerateCertificate(certStream); certList.Add(cert); } } var handler = (Xamarin.Android.Net.AndroidClientHandler) this.HttpClientHandler; handler.TrustedCerts = certList; #else HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, CaCerts, certificate, chain, sslPolicyErrors)); }; #endif } } // set credentails for the kubernetes client SetCredentials(config); config.AddCertificates(HttpClientHandler); }
internal bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return(Kubernetes.CertificateValidationCallBack(sender, this.CaCerts, certificate, chain, sslPolicyErrors)); }
private void InitKubernetes(KubernetesClientConfiguration config) { if (string.IsNullOrWhiteSpace(config.Host)) { throw new KubeConfigException("Host url must be set"); } try { BaseUri = new Uri(config.Host); } catch (UriFormatException e) { throw new KubeConfigException("Bad host url", e); } CaCert = config.SslCaCert; SkipTlsVerify = config.SkipTlsVerify; if (BaseUri.Scheme == "https") { if (config.SkipTlsVerify) { #if NET452 ((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; #elif XAMARINIOS1_0 System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => { return(true); }; #else HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; #endif } else { if (CaCert == null) { throw new KubeConfigException("a CA must be set when SkipTlsVerify === false"); } #if NET452 ((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors)); }; #elif XAMARINIOS1_0 System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => { var cert = new X509Certificate2(certificate); return(Kubernetes.CertificateValidationCallBack(sender, CaCert, cert, chain, sslPolicyErrors)); }; #else HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors)); }; #endif } } // set credentails for the kubernernet client SetCredentials(config, HttpClientHandler); }