public Ssl(string server, MySqlSslMode sslMode, string certificateFile, MySqlCertificateStoreLocation certificateStoreLocation,
string certificatePassword, string certificateThumbprint, string sslCa, string sslCert, string sslKey)
{
this._settings = new MySqlConnectionStringBuilder()
{
Server = server,
SslMode = sslMode,
CertificateFile = certificateFile,
CertificateStoreLocation = certificateStoreLocation,
CertificatePassword = certificatePassword,
CertificateThumbprint = certificateThumbprint,
SslCa = sslCa,
SslCert = sslCert,
SslKey = sslKey
};
// Set default value to true since PEM files is the standard for MySQL SSL certificates.
_treatCertificatesAsPemFormat = true;
}
public async Task ConnectSslClientCertificateFromCertificateStore(string certFile, MySqlCertificateStoreLocation storeLocation, string thumbprint)
{
// Create a mock of certificate store
var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite);
var certificate = new X509Certificate2(Path.Combine(AppConfig.CertsPath, certFile));
store.Add(certificate);
var csb = AppConfig.CreateConnectionStringBuilder();
csb.CertificateStoreLocation = storeLocation;
csb.CertificateThumbprint = thumbprint;
using (var connection = new MySqlConnection(csb.ConnectionString))
{
using var cmd = connection.CreateCommand();
await connection.OpenAsync();
#if !BASELINE
Assert.True(connection.SslIsEncrypted);
Assert.True(connection.SslIsSigned);
Assert.True(connection.SslIsAuthenticated);
Assert.True(connection.SslIsMutuallyAuthenticated);
#endif
cmd.CommandText = "SHOW SESSION STATUS LIKE 'Ssl_version'";
var sslVersion = (string)await cmd.ExecuteScalarAsync();
Assert.False(string.IsNullOrWhiteSpace(sslVersion));
}
// Remove the certificate from store
store.Remove(certificate);
}