Esempio n. 1
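        public void TestD16(string subject)
        {
            //
            // Resolves the public certificates for the given subject (an e-mail address) and expects
            // exactly one result, named "D16_valC", whose chain validates.
            // NOTE(review): the settings name (TestRealResolversXml) suggests real DNS/LDAP resolvers
            // are queried - confirm before running this in an isolated environment.
            //
            AgentSettings settings = AgentSettings.Load(TestRealResolversXml);
            DirectAgent   agent    = settings.CreateAgent();

            ICertificateResolver resolver = agent.PublicCertResolver;

            Assert.NotNull(resolver);

            //
            // Hook both child resolvers so their errors are captured; this test does not assert
            // on the captured messages.
            //
            var dnsCertResolver = LocateChild<DnsCertResolver>(resolver);
            var diagnosticsForDnsCertResolver = new FakeDiagnostics(typeof(DnsCertResolver));

            dnsCertResolver.Error += diagnosticsForDnsCertResolver.OnResolverError;

            var ldapCertResolver = LocateChild<LdapCertResolverProxy>(resolver);
            var diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));

            ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;

            var email = new MailAddress(subject);
            X509Certificate2Collection certs = resolver.GetCertificates(email);

            //
            // A failed lookup should surface as an assertion failure, not a NullReferenceException
            // on certs.Count.
            //
            Assert.NotNull(certs);
            Assert.Equal(1, certs.Count);

            //
            // Make a missing "D16_valC" explicit before the chain check runs on it.
            //
            var cert = certs.FindByName("D16_valC");
            Assert.NotNull(cert);

            //
            // Assert cert chain is good
            //
            AssertCert(cert, true);

            //
            //  Note: this test has a second cert at priority 0 with a weight of 0, but the LDAP resolver does not retrieve it because it found one at priority 0, with a weight of 100
            //
        }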
Esempio n. 2
        public void TestD13(string subject)
        {
            //
            // Expects the lookup for the given subject to yield an empty collection while the
            // LDAP resolver reports no errors. DNS resolver errors are captured but not asserted.
            //
            DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
            ICertificateResolver publicResolver = agent.PublicCertResolver;
            Assert.NotNull(publicResolver);

            //
            // Capture errors raised by the DNS child resolver.
            //
            var dnsChild  = LocateChild<DnsCertResolver>(publicResolver);
            var dnsErrors = new FakeDiagnostics(typeof(DnsCertResolver));
            dnsChild.Error += dnsErrors.OnResolverError;

            //
            // Capture errors raised by the LDAP child resolver.
            //
            var ldapChild  = LocateChild<LdapCertResolverProxy>(publicResolver);
            var ldapErrors = new FakeDiagnostics(typeof(LdapCertResolver));
            ldapChild.Error += ldapErrors.OnResolverError;

            X509Certificate2Collection found = publicResolver.GetCertificates(new MailAddress(subject));

            //
            // No certificate is expected, and the LDAP path must not have logged an error.
            //
            Assert.Empty(found);
            Assert.Equal(0, ldapErrors.ActualErrorMessages.Count);
        }
Esempio n. 3
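        public void TestD4(string subject)
        {
            //
            // Resolves the certificates for the given subject and expects one named "D4_valD" whose
            // DNS name is domain2.staging.direct-test.com, whose chain validates, and whose lookup
            // produced no DNS or LDAP resolver errors.
            //
            AgentSettings settings = AgentSettings.Load(TestRealResolversXml);
            DirectAgent   agent    = settings.CreateAgent();

            ICertificateResolver resolver = agent.PublicCertResolver;

            Assert.NotNull(resolver);

            var dnsCertResolver = LocateChild<DnsCertResolver>(resolver);
            var diagnosticsForDnsCertResolver = new FakeDiagnostics(typeof(DnsCertResolver));

            dnsCertResolver.Error += diagnosticsForDnsCertResolver.OnResolverError;

            var ldapCertResolver = LocateChild<LdapCertResolverProxy>(resolver);
            var diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));

            ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;

            var email = new MailAddress(subject);
            X509Certificate2Collection certs = resolver.GetCertificates(email);

            //
            // Fail with a clear assertion if the lookup returned nothing or the expected
            // certificate is absent, instead of dereferencing null below.
            //
            Assert.NotNull(certs);

            var cert = certs.FindByName("D4_valD");
            Assert.NotNull(cert);

            //
            // The certificate must be bound to the expected domain and its chain must be good.
            //
            Assert.Equal("domain2.staging.direct-test.com", cert.GetNameInfo(X509NameType.DnsName, false));
            AssertCert(cert, true);

            //
            // Neither resolver may have reported an error on the way to this result.
            //
            Assert.Equal(0, diagnosticsForDnsCertResolver.ActualErrorMessages.Count);
            Assert.Equal(0, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
        }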
Esempio n. 4
        public void TestD12(string subject)
        {
            //
            // Expects the lookup for the given subject to return null and the LDAP resolver to
            // report exactly one error: a BindFailure against the domain7 LDAP SRV target.
            // In other words, an LDAP bind failure must not produce a usable certificate.
            //
            const string expectedLdapError =
                "Error=BindFailure\r\n_ldap._tcp.domain7.staging.direct-test.com:10389 Priority:0 Weight:0";

            DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
            ICertificateResolver publicResolver = agent.PublicCertResolver;
            Assert.NotNull(publicResolver);

            //
            // Capture errors raised by the DNS child resolver (not asserted in this test).
            //
            var dnsChild  = LocateChild<DnsCertResolver>(publicResolver);
            var dnsErrors = new FakeDiagnostics(typeof(DnsCertResolver));
            dnsChild.Error += dnsErrors.OnResolverError;

            //
            // Capture errors raised by the LDAP child resolver.
            //
            var ldapChild  = LocateChild<LdapCertResolverProxy>(publicResolver);
            var ldapErrors = new FakeDiagnostics(typeof(LdapCertResolver));
            ldapChild.Error += ldapErrors.OnResolverError;

            X509Certificate2Collection found = publicResolver.GetCertificates(new MailAddress(subject));

            Assert.Null(found);

            //
            // Exactly one diagnostic, naming the failed bind and the SRV record that was tried.
            //
            Assert.Equal(1, ldapErrors.ActualErrorMessages.Count);
            Assert.Equal(expectedLdapError, ldapErrors.ActualErrorMessages[0]);
        }
Esempio n. 5
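        public void TestD2(string subject)
        {
            //
            // Resolves the certificates for the given subject and expects two results for
            // domain1.staging.direct-test.com: "D1_invB" (invalid) and "D2_valB" (valid). The same
            // pair must also come back from a domain-level lookup.
            // The resolver returns the invalid certificate alongside the valid one, so resolution
            // alone is not a trust decision; validity is checked separately via AssertCert.
            //
            AgentSettings settings = AgentSettings.Load(TestRealResolversXml);
            DirectAgent   agent    = settings.CreateAgent();

            ICertificateResolver resolver = agent.PublicCertResolver;

            //
            // Check the resolver before it is handed to LocateChild, as the sibling tests do.
            //
            Assert.NotNull(resolver);

            var dnsCertResolver = LocateChild<DnsCertResolver>(resolver);
            var diagnostics     = new FakeDiagnostics(typeof(DnsCertResolver));

            dnsCertResolver.Error += diagnostics.OnResolverError;

            var email = new MailAddress(subject);
            X509Certificate2Collection certs = resolver.GetCertificates(email);

            //
            // A failed lookup should surface as an assertion failure, not a NullReferenceException.
            //
            Assert.NotNull(certs);
            Assert.Equal(2, certs.Count);

            //
            // find invalid cert
            // NOTE(review): AssertCert(cert, false) presumably expects chain validation to fail - confirm.
            //
            var cert = certs.FindByName("D1_invB");
            Assert.NotNull(cert);

            Assert.Equal("domain1.staging.direct-test.com", cert.GetNameInfo(X509NameType.DnsName, false));
            AssertCert(cert, false);

            //
            // find valid cert
            //
            cert = certs.FindByName("D2_valB");
            Assert.NotNull(cert);
            Assert.Equal("domain1.staging.direct-test.com", cert.GetNameInfo(X509NameType.DnsName, false));
            AssertCert(cert, true);

            //
            // Now prove we can get it as a domain with no fail over.
            //
            certs = resolver.GetCertificatesForDomain(email.Host);
            Assert.NotNull(certs);

            cert = certs.FindByName("D1_invB");
            Assert.NotNull(cert);
            Assert.Equal("domain1.staging.direct-test.com", cert.GetNameInfo(X509NameType.DnsName, false));
            AssertCert(cert, false);

            cert = certs.FindByName("D2_valB");
            Assert.NotNull(cert);
            Assert.Equal("domain1.staging.direct-test.com", cert.GetNameInfo(X509NameType.DnsName, false));
            AssertCert(cert, true);
        }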