/// <summary>
/// Returns the JSON Web Key Set document for this issuer: a <c>JwksModel</c> holding a single
/// key built from <c>SigningCredentials.Value</c>, serialized as <c>application/json</c>.
/// </summary>
/// <returns>A content result whose body is the serialized key set.</returns>
public ActionResult JwksDocument()
{
    // NOTE(review): this endpoint is meant to be read by token validators, so confirm that
    // JwksKeyModel.FromSigningCredentials copies only public key parameters into the model.
    var keySet = new JwksModel
    {
        Keys = new[] { JwksKeyModel.FromSigningCredentials(SigningCredentials.Value) }
    };

    string payload = JsonConvert.SerializeObject(keySet);
    return Content(payload, "application/json");
}
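/// <summary>
/// Resolves the signing certificate named by the <c>JWTSettings</c> configuration section and
/// returns the JSON Web Key Set document built from it as <c>application/json</c>.
/// </summary>
/// <remarks>
/// <c>JWTSettings:HostEnvironment</c> selects where the certificate is looked up:
/// "windows" searches the CurrentUser\My store by thumbprint, "linux" reads
/// <c>/var/ssl/private/{thumbprint}.p12</c>. The comparison is ordinal and case-insensitive.
/// NOTE(review): the credentials are rebuilt (store or disk read) on every call and assigned
/// to a member that may be shared between requests; consider resolving them once at startup.
/// </remarks>
/// <returns>A content result whose body is the serialized key set.</returns>
/// <exception cref="InvalidOperationException">
/// The thumbprint setting is missing or malformed, the certificate cannot be found, or no
/// signing credentials are available for the configured host environment.
/// </exception>
public ActionResult JwksDocument()
{
    var jwtSettings = configuration.GetSection("JWTSettings");
    string host = jwtSettings["HostEnvironment"];
    SigningCertThumbprint = jwtSettings["SigningCertThumbprint"];

    // Ordinal comparison: a missing setting no longer causes a NullReferenceException and the
    // match does not depend on the current culture's lower-casing rules.
    bool isWindows = string.Equals(host, "windows", StringComparison.OrdinalIgnoreCase);
    bool isLinux = string.Equals(host, "linux", StringComparison.OrdinalIgnoreCase);

    if ((isWindows || isLinux) && string.IsNullOrEmpty(SigningCertThumbprint))
    {
        throw new InvalidOperationException("JWTSettings:SigningCertThumbprint is not configured.");
    }

    // One way to handle Windows-based certs
    if (isWindows)
    {
        string thumbprint = SigningCertThumbprint;
        SigningCredentials = new Lazy<X509SigningCredentials>(() =>
        {
            // Dispose the store handle once the lookup is done; the returned certificate
            // objects stay usable after the store is closed.
            using (var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
            {
                certStore.Open(OpenFlags.ReadOnly);

                // validOnly is false, so expired or untrusted certificates are accepted too.
                // That is needed for self-signed signing certs; if the deployment uses
                // CA-issued certificates, switching to true rejects invalid ones.
                X509Certificate2Collection certCollection = certStore.Certificates.Find(
                    X509FindType.FindByThumbprint,
                    thumbprint,
                    false);

                // Get the first cert with the thumbprint
                if (certCollection.Count > 0)
                {
                    return new X509SigningCredentials(certCollection[0]);
                }
            }

            throw new InvalidOperationException("Certificate not found");
        });
    }

    // And another way to handle Linux certs
    if (isLinux)
    {
        // The thumbprint becomes part of a file path, so accept hexadecimal characters only;
        // this keeps a bad configuration value from pointing outside /var/ssl/private.
        foreach (char c in SigningCertThumbprint)
        {
            if (!Uri.IsHexDigit(c))
            {
                throw new InvalidOperationException(
                    "JWTSettings:SigningCertThumbprint must contain only hexadecimal characters.");
            }
        }

        // ReadAllBytes and the X509Certificate2 constructor throw on a missing or unreadable
        // file, so the certificate is never null here and needs no further check.
        var bytes = System.IO.File.ReadAllBytes($"/var/ssl/private/{SigningCertThumbprint}.p12");
        var cert = new X509Certificate2(bytes);
        SigningCredentials = new Lazy<X509SigningCredentials>(() => new X509SigningCredentials(cert));
    }

    // An unrecognised HostEnvironment leaves SigningCredentials as it was before this call;
    // fail with a clear message instead of a NullReferenceException when nothing was set.
    if (SigningCredentials == null)
    {
        throw new InvalidOperationException(
            "No signing credentials available; JWTSettings:HostEnvironment must be \"windows\" or \"linux\".");
    }

    // NOTE(review): this document is meant to be read by token validators, so confirm that
    // JwksKeyModel.FromSigningCredentials copies only public key parameters into the model.
    var keySet = new JWKSModel
    {
        Keys = new[] { JwksKeyModel.FromSigningCredentials(SigningCredentials.Value) }
    };

    return Content(JsonConvert.SerializeObject(keySet), "application/json");
}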