public static Options CreateClientOptions(string clientName, string tlsKey, string tlsPassword) { Options opts = ConnectionFactory.GetDefaultOptions(); opts.Servers = new string[] { "nats://*****:*****@127.0.0.1:4000", "nats://*****:*****@127.0.0.1:5000", "nats://*****:*****@127.0.0.1:6000" }; opts.Name = clientName; opts.Secure = true; X509Certificate2 cert = new X509Certificate2(tlsKey, tlsPassword); opts.TLSRemoteCertificationValidationCallback += rcvcb; opts.AddCertificate(cert); opts.MaxReconnect = 3000; opts.ReconnectWait = 1500; opts.ClosedEventHandler += (sender, args) => { Console.WriteLine("Client {0} CLOSED!.", clientName); }; return(opts); }
public void TestTlsSuccessWithCert() { using (NATSServer srv = util.CreateServerWithConfig("tls_1222_verify.conf")) { Options opts = util.DefaultTestOptions; opts.Secure = true; opts.Url = "nats://localhost:1222"; opts.TLSRemoteCertificationValidationCallback = verifyServerCert; // .NET requires the private key and cert in the // same file. 'client.pfx' is generated from: // // openssl pkcs12 -export -out client.pfx // -inkey client-key.pem -in client-cert.pem X509Certificate2 cert = new X509Certificate2( UnitTestUtilities.GetFullCertificatePath("client.pfx"), "password"); opts.AddCertificate(cert); using (IConnection c = new ConnectionFactory().CreateConnection(opts)) { using (ISyncSubscription s = c.SubscribeSync("foo")) { c.Publish("foo", null); c.Flush(); Msg m = s.NextMessage(); } } } }
public void TestTlsFailWithBadAuth() { using (NATSServer srv = util.CreateServerWithConfig(TestContext, "tls_1222_user.conf")) { Options opts = ConnectionFactory.GetDefaultOptions(); opts.Secure = true; opts.Url = "nats://*****:*****@localhost:1222"; opts.TLSRemoteCertificationValidationCallback = verifyServerCert; // this will fail, because it's not complete - missing the private // key. opts.AddCertificate(UnitTestUtilities.GetFullCertificatePath( TestContext, "client-cert.pem")); try { new ConnectionFactory().CreateConnection(opts); } catch (NATSException nae) { System.Console.WriteLine("Caught expected exception: " + nae.Message); System.Console.WriteLine("Exception output:" + nae); return; } Assert.Fail("Did not receive exception."); } }
private static Options RevocationCheckingOptions() { Options opts = ConnectionFactory.GetDefaultOptions(); opts.Url = Url; opts.Secure = true; X509Certificate2 cert = new X509Certificate2("client.pfx", "password"); opts.AddCertificate(cert); opts.CheckCertificateRevocation = true; return(opts); }
public void TestTlsFailWithInvalidServerCert() { using (NATSServer srv = NATSServer.CreateWithConfig(Context.Server1.Port, "tls_verify.conf")) { Options opts = Context.GetTestOptions(Context.Server1.Port); opts.Secure = true; opts.TLSRemoteCertificationValidationCallback = verifyCertAlwaysFail; // this will fail, because it's not complete - missing the private // key. opts.AddCertificate(UnitTestUtilities.GetFullCertificatePath("client-cert.pem")); Assert.ThrowsAny <NATSException>(() => Context.ConnectionFactory.CreateConnection(opts)); } }
public void TestTlsFailWithBadAuth() { using (NATSServer srv = util.CreateServerWithConfig("tls_1222_user.conf")) { Options opts = util.DefaultTestOptions; opts.Secure = true; opts.Url = "nats://*****:*****@localhost:1222"; opts.TLSRemoteCertificationValidationCallback = verifyServerCert; // this will fail, because it's not complete - missing the private // key. opts.AddCertificate(UnitTestUtilities.GetFullCertificatePath("client-cert.pem")); Assert.ThrowsAny <NATSException>(() => new ConnectionFactory().CreateConnection(opts)); } }
public void TestTlsFailWithBadAuth() { using (NATSServer srv = NATSServer.CreateWithConfig(Context.Server1.Port, "tls_user.conf")) { Options opts = Context.GetTestOptions(Context.Server1.Port); opts.Secure = true; opts.Url = $"nats://*****:*****@localhost:{Context.Server1.Port}"; opts.TLSRemoteCertificationValidationCallback = verifyServerCert; // this will fail, because it's not complete - missing the private // key. opts.AddCertificate(UnitTestUtilities.GetFullCertificatePath("client-cert.pem")); Assert.ThrowsAny <NATSException>(() => Context.ConnectionFactory.CreateConnection(opts)); } }
public NatsConnection(string connectionString) { string workingDirectory = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location); clientCert = Path.GetFullPath(Path.Combine(workingDirectory, CLIENTCERT)); serverCert = Path.GetFullPath(Path.Combine(workingDirectory, SERVERCERT)); options = ConnectionFactory.GetDefaultOptions(); options.Url = connectionString; options.Timeout = 10000; options.Verbose = true; if (File.Exists(serverCert)) { options.Secure = true; X509Certificate2 cert = new X509Certificate2(clientCert, PASSWORD); options.AddCertificate(cert); options.TLSRemoteCertificationValidationCallback = TLSRemoteCertificationValidationCallback; } options.ClosedEventHandler = ClosedEventHandler; options.DisconnectedEventHandler = DisconnectedEventHandler; connection = factory.CreateConnection(options); Console.WriteLine($"NATS Server got connected"); }