/// <summary>
/// Decides whether the TLS certificate chain presented by an HTTP endpoint is acceptable
/// for that endpoint's configuration. Returns normally on acceptance and throws the
/// exception built by <c>GetAppropriateException</c> on rejection.
/// </summary>
/// <remarks>
/// <para>The endpoint configuration selects one of three modes:</para>
/// <para>1. <c>GetHttpIgnoreTlsCerts()</c> is true: nothing is validated.</para>
/// <para>2. A custom certificate PEM is configured: the call is rejected when no remote
/// certificate was available or when any chain element reports Cyclic, ExplicitDistrust,
/// NotSignatureValid or Revoked; otherwise it is accepted when the thumbprint of any chain
/// element equals the thumbprint of the configured certificate.</para>
/// <para>3. No custom certificate: accepted only when <paramref name="sslPolicyErrors"/>
/// is <see cref="SslPolicyErrors.None"/>.</para>
/// </remarks>
/// <param name="endpoint">Endpoint whose TLS settings (ignore flag, custom certificate PEM) drive the decision.</param>
/// <param name="chain">Chain built for the remote certificate; an empty chain is substituted when null.</param>
/// <param name="sslPolicyErrors">Policy errors reported for the remote certificate.</param>
public virtual void ValidateHttpEndpoint(Models.Endpoint endpoint, X509Chain? chain, SslPolicyErrors sslPolicyErrors)
{
    // SECURITY: with this flag set, no property of the peer certificate is checked, so the
    // connection is encrypted but unauthenticated.
    // NOTE(review): worth logging or auditing which endpoints run in this mode - confirm with callers.
    if (endpoint.GetHttpIgnoreTlsCerts())
    {
        return;
    }

    // A null chain becomes an empty one: the pinned branch below then finds no element to
    // match and rejects, i.e. it fails closed.
    chain ??= new X509Chain();

    var pinnedPem = endpoint.GetHttpCustomTlsCert();

    // No pinned certificate configured: rely entirely on the platform's verdict.
    if (string.IsNullOrWhiteSpace(pinnedPem))
    {
        if (sslPolicyErrors != SslPolicyErrors.None)
        {
            throw GetAppropriateException(false, chain, sslPolicyErrors, false);
        }

        return;
    }

    // Pinned mode. Only RemoteCertificateNotAvailable is taken from sslPolicyErrors here;
    // RemoteCertificateNameMismatch and RemoteCertificateChainErrors do not reject by themselves.
    if (sslPolicyErrors.HasFlag(SslPolicyErrors.RemoteCertificateNotAvailable))
    {
        throw GetAppropriateException(false, chain, sslPolicyErrors, false);
    }

    // Chain statuses that reject even when a pin is configured. Every other status
    // (for example NotTimeValid, UntrustedRoot, PartialChain) is tolerated in this mode.
    // NOTE(review): Revoked can only be reported if the chain was built with revocation
    // checking enabled - the chain policy is not visible here; confirm at the call site.
    const X509ChainStatusFlags FatalChainFlags =
        X509ChainStatusFlags.Cyclic
        | X509ChainStatusFlags.ExplicitDistrust
        | X509ChainStatusFlags.NotSignatureValid
        | X509ChainStatusFlags.Revoked;

    foreach (var element in chain.ChainElements)
    {
        var statuses = element.ChainElementStatus;
        if (statuses is null)
        {
            continue;
        }

        foreach (var entry in statuses)
        {
            // Each fatal flag is a single bit, so one mask test covers all four;
            // NoError (0) never intersects the mask.
            if ((entry.Status & FatalChainFlags) != 0)
            {
                throw GetAppropriateException(false, chain, sslPolicyErrors, false);
            }
        }
    }

    // The chain carries no fatal status; compare it against the configured certificate.
    var pinnedCert = LoadCert(false, pinnedPem);

    foreach (var element in chain.ChainElements)
    {
        // The match is accepted on ANY chain element, not only the leaf.
        // NOTE(review): if the configured certificate is a CA or intermediate, every leaf
        // chaining to it is accepted, and since a host-name mismatch is tolerated in this
        // mode that includes leaves issued for other names - confirm this is intended.
        // NOTE(review): X509Certificate2.Thumbprint is a SHA-1 digest; a SHA-256 hash or a
        // raw-bytes comparison would be a stronger pin.
        if (element.Certificate.Thumbprint.Equals(pinnedCert.Thumbprint))
        {
            return;
        }
    }

    // No element matched the pin. This is the only call that passes true as the last
    // argument - presumably it marks a pin mismatch; verify against GetAppropriateException.
    throw GetAppropriateException(false, chain, sslPolicyErrors, true);
}
/// <summary>
/// Builds the factory from the injected cache, HTTP context accessor and application settings.
/// </summary>
/// <param name="cache">Memory cache stored for later use by the factory.</param>
/// <param name="context">Accessor whose current <c>HttpContext</c> is read once, here, and stored.</param>
/// <param name="settings">Supplies the instance's secret key, private key and username, and the simulator endpoint configuration.</param>
public SimulatorFactory(IMemoryCache cache, IHttpContextAccessor context, Settings settings)
{
    // Values returned by GetSecretKey()/GetPrivateKey() stay in fields for the lifetime of
    // this object.
    // NOTE(review): presumably key material - keep these fields out of logs, exception
    // messages and serialized state.
    (_key, _private) = (settings.Instance.GetSecretKey(), settings.Instance.GetPrivateKey());

    // Simulator endpoint configuration plus the instance's username, stored as _orkId.
    (_config, _orkId) = (settings.Endpoints.Simulator, settings.Instance.Username);

    // NOTE(review): HttpContext is captured at construction time. The accessor returns null
    // outside a request, and a captured context goes stale if this object outlives the
    // request - confirm the DI lifetime is scoped or transient.
    (_cache, _context) = (cache, context.HttpContext);
}