static void VerifySniConfig(SniConfig config) { Assert.NotNull(config); Assert.Equal(HttpProtocols.Http1, config.Protocols); Assert.Equal(SslProtocols.Tls12, config.SslProtocols); Assert.Equal("/path/cert.pfx", config.Certificate.Path); Assert.Equal("certpassword", config.Certificate.Password); Assert.Equal(ClientCertificateMode.AllowCertificate, config.ClientCertificateMode); }
private static Dictionary <string, SniConfig> ReadSni(IConfigurationSection sniConfig, string endpointName) { var sniDictionary = new Dictionary <string, SniConfig>(0, StringComparer.OrdinalIgnoreCase); foreach (var sniChild in sniConfig.GetChildren()) { // "Sni": { // "a.example.org": { // "Protocols": "Http1", // "SslProtocols": [ "Tls11", "Tls12", "Tls13"], // "Certificate": { // "Path": "testCertA.pfx", // "Password": "******" // }, // "ClientCertificateMode" : "NoCertificate" // }, // "*.example.org": { // "Certificate": { // "Path": "testCertWildcard.pfx", // "Password": "******" // } // } // // The following should work once https://github.com/dotnet/runtime/issues/40218 is resolved // "*": {} // } if (string.IsNullOrEmpty(sniChild.Key)) { throw new InvalidOperationException(CoreStrings.FormatSniNameCannotBeEmpty(endpointName)); } var sni = new SniConfig { Certificate = new CertificateConfig(sniChild.GetSection(CertificateKey)), Protocols = ParseProtocols(sniChild[ProtocolsKey]), SslProtocols = ParseSslProcotols(sniChild.GetSection(SslProtocolsKey)), ClientCertificateMode = ParseClientCertificateMode(sniChild[ClientCertificateModeKey]) }; sniDictionary.Add(sniChild.Key, sni); } return(sniDictionary); }