/// <summary>
/// Validates the security configuration.
/// </summary>
public void Validate()
{
if (m_applicationCertificate == null)
{
throw ServiceResultException.Create(StatusCodes.BadConfigurationError, "ApplicationCertificate must be specified.");
}
TrustedIssuerCertificates = CreateDefaultTrustList(TrustedIssuerCertificates);
TrustedPeerCertificates = CreateDefaultTrustList(TrustedPeerCertificates);
//set a default rejected certificate store.
if (RejectedCertificateStore == null)
{
RejectedCertificateStore = new CertificateStoreIdentifier();
RejectedCertificateStore.StoreType = CertificateStoreType.Directory;
RejectedCertificateStore.StorePath = Utils.DefaultLocalFolder + Path.DirectorySeparatorChar + "Rejected";
}
// replace subjectName DC=localhost with DC=hostname
ApplicationCertificate.SubjectName = Utils.ReplaceDCLocalhost(ApplicationCertificate.SubjectName);
}
/// <summary>
/// Sets the parameters to suitable defaults.
/// </summary>
private static void SetSuitableDefaults(
ref string applicationUri,
ref string applicationName,
ref string subjectName,
ref IList <String> domainNames)
{
// parse the subject name if specified.
List <string> subjectNameEntries = null;
if (!String.IsNullOrEmpty(subjectName))
{
subjectNameEntries = X509Utils.ParseDistinguishedName(subjectName);
}
// check the application name.
if (String.IsNullOrEmpty(applicationName))
{
if (subjectNameEntries == null)
{
throw new ArgumentNullException(nameof(applicationName), "Must specify a applicationName or a subjectName.");
}
// use the common name as the application name.
for (int ii = 0; ii < subjectNameEntries.Count; ii++)
{
if (subjectNameEntries[ii].StartsWith("CN=", StringComparison.Ordinal))
{
applicationName = subjectNameEntries[ii].Substring(3).Trim();
break;
}
}
}
if (String.IsNullOrEmpty(applicationName))
{
throw new ArgumentNullException(nameof(applicationName), "Must specify a applicationName or a subjectName.");
}
// remove special characters from name.
StringBuilder buffer = new StringBuilder();
for (int ii = 0; ii < applicationName.Length; ii++)
{
char ch = applicationName[ii];
if (Char.IsControl(ch) || ch == '/' || ch == ',' || ch == ';')
{
ch = '+';
}
buffer.Append(ch);
}
applicationName = buffer.ToString();
// ensure at least one host name.
if (domainNames == null || domainNames.Count == 0)
{
domainNames = new List <string>();
domainNames.Add(Utils.GetHostName());
}
// create the application uri.
if (String.IsNullOrEmpty(applicationUri))
{
StringBuilder builder = new StringBuilder();
builder.Append("urn:");
builder.Append(domainNames[0]);
builder.Append(':');
builder.Append(applicationName);
applicationUri = builder.ToString();
}
Uri uri = Utils.ParseUri(applicationUri);
if (uri == null)
{
throw new ArgumentNullException(nameof(applicationUri), "Must specify a valid URL.");
}
// create the subject name,
if (String.IsNullOrEmpty(subjectName))
{
subjectName = Utils.Format("CN={0}", applicationName);
}
if (!subjectName.Contains("CN="))
{
subjectName = Utils.Format("CN={0}", subjectName);
}
if (domainNames != null && domainNames.Count > 0)
{
if (!subjectName.Contains("DC=") && !subjectName.Contains('='))
{
subjectName += Utils.Format(", DC={0}", domainNames[0]);
}
else
{
subjectName = Utils.ReplaceDCLocalhost(subjectName, domainNames[0]);
}
}
}
