// Returns 'true' if the peer trust certificate is installed and
// can be used. Precedence based on the current value of this
// condition is:
// blank: attempt to install certificate and return the result
// 'true': attempt to install certificate and return true
// 'false': bypass certificate installation and return false
public static bool Peer_Certificate_Installed()
{
// If the condition is unknown, attempt to install and use the
// results of that install attempt as the value to return.
bool result = GetConditionValue(nameof(Peer_Certificate_Installed),
ConditionalTestDetectors.IsPeerCertificateInstalled);
// Regardless whether the value was 'true' on entry or was detected
// to be true, ensure we have attempted to install and verify the
// certificate is installed. This guarantees installation errors
// are captured and reported in both cases.
if (result)
{
try
{
ServiceUtilHelper.EnsurePeerCertificateInstalled();
}
catch
{
// Errors in certificate installation are caught and reported
// when an attempt is made to access it. But for the purposes
// of this conditional test, an error does not affect the result.
}
}
return(result);
}
// Returns 'true' if the peer trust certificate is installed in a local
// keychain and can be used. Precedence based on the current value of
// this condition is:
// blank: attempt to install certificate and return the result
// 'true': attempt to install certificate and return true
// 'false': bypass certificate installation and return false
public static bool OSXPeer_Certificate_Installed()
{
// If we're not running on OSX, none of the keychain api's
// will work so fail fast if not on OSX.
if ((OSHelper.Current & OSID.OSX) != OSHelper.Current)
{
return(false);
}
// If the condition is unknown, attempt to install and use the
// results of that install attempt as the value to return.
bool result = GetConditionValue(nameof(OSXPeer_Certificate_Installed),
ConditionalTestDetectors.IsOSXKeychainCertificateInstalled);
// Regardless whether the value was 'true' on entry or was detected
// to be true, ensure we have attempted to install and verify the
// certificate is installed. This guarantees installation errors
// are captured and reported in both cases.
if (result)
{
try
{
ServiceUtilHelper.EnsureOSXKeychainCertificateInstalled();
}
catch
{
// Errors in certificate installation are caught and reported
// when an attempt is made to access it. But for the purposes
// of this conditional test, an error does not affect the result.
}
}
return(result);
}
// Detector used by [ConditionalFact(nameof(Client_Certificate_Installed)].
// It will attempt to install the client certificate in the certificate store if
// is not already present, and then it will check whether the install
// succeeded. A 'true' return is a guarantee a client certificate is
// installed in the certificate store.
public static bool IsClientCertificateInstalled()
{
try {
ServiceUtilHelper.EnsureClientCertificateInstalled();
return(true);
}
catch
{
// Errors installing the certificate are captured and will be
// reported when an attempt is made to use it. But for the
// purposes of this detector, a failure only propagates as
// a 'false' return.
return(false);
}
}
public static async Task ServerCertificateValidationUsingIdentity_EchoString()
{
EndpointAddress endpointAddress = null;
X509Certificate2 serviceCertificate = null;
string testString = "Hello";
ChannelFactory <IWcfService> factory = null;
IWcfService serviceProxy = null;
try
{
// *** SETUP *** \\
CustomBinding binding = new CustomBinding(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8), new HttpsTransportBindingElement());
serviceCertificate = await ServiceUtilHelper.GetServiceMacineCertFromServerAsync();
var identity = new X509CertificateEndpointIdentity(serviceCertificate);
endpointAddress = new EndpointAddress(new Uri(Endpoints.Https_DefaultBinding_Address_Text), identity);
factory = new ChannelFactory <IWcfService>(binding, endpointAddress);
serviceProxy = factory.CreateChannel();
// *** EXECUTE *** \\
string result = serviceProxy.Echo(testString);
// *** VALIDATE *** \\
Assert.Equal(testString, result);
// *** CLEANUP *** \\
((ICommunicationObject)serviceProxy).Close();
factory.Close();
}
finally
{
// *** ENSURE CLEANUP *** \\
ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory);
}
}
private static string GetEndpointAddress(string endpoint, string protocol = "http")
{
return(ServiceUtilHelper.GetEndpointAddress(endpoint, protocol));
}
// Detector used by [ConditionalFact(nameof(Client_Certificate_Installed)].
// It will attempt to install the client certificate in the certificate store if
// is not already present, and then it will check whether the install
// succeeded. A 'true' return is a guarantee a client certificate is
// installed in the certificate store.
public static bool IsClientCertificateInstalled()
{
return(ServiceUtilHelper.TryEnsureLocalClientCertificateInstalled());
}
// Detector used by [ConditionalFact(nameof(Root_Certificate_Installed)].
// It will attempt to install the root certificate in the root store if
// is not already present, and then it will check whether the install
// succeeded. A 'true' return is a guarantee a root certificate is
// installed in the root store.
public static bool IsRootCertificateInstalled()
{
return(ServiceUtilHelper.TryEnsureRootCertificateInstalled());
}
