public static Load ( X509Certificate2 certificate, bool ensurePrivateKeyAccessible ) : X509Certificate2 | ||
certificate | X509Certificate2 | The certificate to load. |
ensurePrivateKeyAccessible | bool | If true, a key container is created for the certificate; this container must be deleted by calling Cleanup. |
Returns | X509Certificate2 |
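/// <summary>
/// Finds a certificate in a store.
/// </summary>
/// <param name="needPrivateKey">if set to <c>true</c> the returned certificate must contain the private key.</param>
/// <returns>The <see cref="X509Certificate2"/> that is embedded in this instance, or the one found in
/// the store pointed to by <see cref="StorePath"/> using the selected <see cref="SubjectName"/>.
/// The lookup result is checked for null below, so a null return is possible when nothing matches.</returns>
/// <remarks>
/// When <paramref name="needPrivateKey"/> is true the result is passed through
/// <c>CertificateFactory.Load(certificate, true)</c> and cached in this instance. The documentation of
/// <c>Load</c> states that this creates a key container which must be deleted by calling Cleanup, so
/// callers that request the private key take on that cleanup obligation.
/// </remarks>
public async Task<X509Certificate2> Find(bool needPrivateKey)
{
    X509Certificate2 certificate = null;

    // Reuse the cached certificate only if it satisfies the private key requirement.
    if (m_certificate != null && (!needPrivateKey || m_certificate.HasPrivateKey))
    {
        certificate = m_certificate;
    }
    else
    {
        // Open the store; the using block disposes it once the lookup is done.
        using (ICertificateStore store = CertificateStoreIdentifier.CreateStore(StoreType))
        {
            store.Open(StorePath);

            // ConfigureAwait(false): the continuation touches no context-bound state, and not
            // capturing the caller's synchronization context avoids a deadlock when a caller
            // blocks on the returned task.
            X509Certificate2Collection collection = await store.Enumerate().ConfigureAwait(false);

            certificate = Find(collection, m_thumbprint, m_subjectName, needPrivateKey);

            if (certificate != null)
            {
                m_certificate = certificate;
            }
        }
    }

    // Use the single instance in the certificate cache.
    // NOTE(review): when no certificate was found this passes null to Load and overwrites the
    // cached m_certificate with its result; confirm that Load tolerates a null argument.
    if (needPrivateKey)
    {
        certificate = m_certificate = CertificateFactory.Load(certificate, true);
    }

    return certificate;
}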
/// <summary>
/// Finds a certificate in a store.
/// </summary>
/// <param name="needPrivateKey">if set to <c>true</c> the returned certificate must contain the private key.</param>
/// <returns>The <see cref="X509Certificate2"/> that is embedded in this instance, or the one found in
/// the store pointed to by <see cref="StorePath"/> using the selected <see cref="SubjectName"/>.</returns>
/// <remarks>
/// When <paramref name="needPrivateKey"/> is true the result is passed through
/// <c>CertificateFactory.Load(certificate, true)</c> and cached in this instance. The documentation of
/// <c>Load</c> states that this creates a key container which must be deleted by calling Cleanup.
/// For stores that report <c>SupportsLoadPrivateKey</c>, a warning is logged asking callers to use
/// LoadPrivateKeyEx with a password provider before requesting the private key through this method.
/// </remarks>
public async Task<X509Certificate2> Find(bool needPrivateKey)
{
    X509Certificate2 result = null;

    // The cached certificate is usable only if it satisfies the private key requirement.
    bool cachedIsUsable = m_certificate != null && (!needPrivateKey || m_certificate.HasPrivateKey);

    if (cachedIsUsable)
    {
        result = m_certificate;
    }
    else
    {
        // Look the certificate up in the configured store; the store is disposed afterwards.
        using (ICertificateStore store = CertificateStoreIdentifier.CreateStore(StoreType))
        {
            store.Open(StorePath, false);

            X509Certificate2Collection candidates = await store.Enumerate().ConfigureAwait(false);
            result = Find(candidates, m_thumbprint, m_subjectName, needPrivateKey);

            if (result != null)
            {
                if (needPrivateKey && store.SupportsLoadPrivateKey)
                {
                    // Two-line warning; {0} is filled with the store type by LogWarning.
                    StringBuilder warning = new StringBuilder()
                        .AppendLine("Loaded a certificate with private key from store {0}.")
                        .AppendLine("Ensure to call LoadPrivateKeyEx with password provider before calling Find(true).");
                    Utils.LogWarning(warning.ToString(), StoreType);
                }

                m_certificate = result;
            }
        }
    }

    // Use the single instance in the certificate cache.
    if (needPrivateKey)
    {
        X509Certificate2 loaded = CertificateFactory.Load(result, true);
        m_certificate = loaded;
        result = loaded;
    }

    return result;
}
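/// <summary>
/// Configures this service host for a single security policy: sets the service credentials,
/// adds a default throttle if none is present, and adds one endpoint for every base address
/// that has a matching entry in <paramref name="endpoints"/>.
/// </summary>
/// <param name="contractType">The contract type exposed by each endpoint that is added.</param>
/// <param name="configuration">Supplies the certificate validator and the application certificate.</param>
/// <param name="bindingFactory">Creates the binding for each endpoint from the base address scheme.</param>
/// <param name="endpointConfiguration">Passed through to <paramref name="bindingFactory"/>.</param>
/// <param name="endpoints">Endpoint descriptions; matched to base addresses by <c>EndpointUrl</c>.</param>
/// <param name="securityMode">If <c>Sign</c>, the contract protection level is set to Sign; otherwise it is left unchanged.</param>
/// <param name="securityPolicyUri">Not read by this method.</param>
public void InitializeSinglePolicy(
    Type contractType,
    ApplicationConfiguration configuration,
    BindingFactory bindingFactory,
    EndpointConfiguration endpointConfiguration,
    List<EndpointDescription> endpoints,
    MessageSecurityMode securityMode,
    string securityPolicyUri)
{
    // Allow any url to match.
    // NOTE(review): AddressFilterMode.Any means the destination address of a message is not used
    // to filter it, so authentication rests entirely on the credential settings below.
    System.ServiceModel.ServiceBehaviorAttribute behavior =
        this.Description.Behaviors.Find<System.ServiceModel.ServiceBehaviorAttribute>();
    behavior.AddressFilterMode = System.ServiceModel.AddressFilterMode.Any;

    // Specify service credentials. Client certificates are validated by the application's
    // channel validator (Custom mode).
    // NOTE(review): RevocationMode.NoCheck switches off revocation checking in these WCF settings,
    // so revoked client certificates are rejected only if the custom validator checks revocation
    // itself - confirm that it does.
    ServiceCredentials credentials = new ServiceCredentials();
    credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
    credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.LocalMachine;
    credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
    credentials.ClientCertificate.Authentication.CustomCertificateValidator = configuration.CertificateValidator.GetChannelValidator();

    if (configuration.SecurityConfiguration.ApplicationCertificate != null)
    {
        X509Certificate2 certificate = configuration.SecurityConfiguration.ApplicationCertificate.Find(true);

        if (certificate != null)
        {
            // Load(..., true) makes the private key accessible; its documentation states that a
            // key container is created which must be deleted by calling Cleanup.
            credentials.ServiceCertificate.Certificate = CertificateFactory.Load(certificate, true);
        }
    }

    this.Description.Behaviors.Add(credentials);

    // Add a default throttle only if none was explicitly specified.
    ServiceThrottlingBehavior throttle = this.Description.Behaviors.Find<ServiceThrottlingBehavior>();

    if (throttle == null)
    {
        throttle = new ServiceThrottlingBehavior
        {
            MaxConcurrentCalls = 1000,
            MaxConcurrentInstances = 100,
            MaxConcurrentSessions = 100
        };

        this.Description.Behaviors.Add(throttle);
    }

    // Add the endpoints for each base address.
    foreach (Uri baseAddress in this.BaseAddresses)
    {
        // Find the endpoint configuration for this base address.
        EndpointDescription description = null;

        foreach (EndpointDescription current in endpoints)
        {
            if (new Uri(current.EndpointUrl) == baseAddress)
            {
                description = current;
                break;
            }
        }

        // Skip base addresses without a matching endpoint description.
        if (description == null)
        {
            continue;
        }

        // Set the supported profiles.
        description.TransportProfileUri = Profiles.WsHttpXmlOrBinaryTransport;

        // Create the SOAP XML binding.
        Binding binding = bindingFactory.Create(baseAddress.Scheme, description, endpointConfiguration);

        // Add the session endpoint.
        ServiceEndpoint endpoint = this.AddServiceEndpoint(contractType, binding, baseAddress, baseAddress);

        // Set the protection level.
        if (securityMode == MessageSecurityMode.Sign)
        {
            endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;
        }

        // Update the max items in graph (set to a low value by default).
        // NOTE(review): Int32.MaxValue effectively removes the serializer's object-count limit, so
        // the size quotas on the binding are the remaining bound on deserialization work -
        // confirm that bindingFactory sets them.
        foreach (OperationDescription operation in endpoint.Contract.Operations)
        {
            DataContractSerializerOperationBehavior serializerBehavior =
                operation.Behaviors.Find<DataContractSerializerOperationBehavior>();

            // Find returns null when the operation carries no such behavior; skip it instead of
            // failing initialization with a NullReferenceException.
            if (serializerBehavior != null)
            {
                serializerBehavior.MaxItemsInObjectGraph = Int32.MaxValue;
            }
        }
    }
}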