internal static X509Certificate Initialize(ICertificateConfig cerConfig)
{
if (!string.IsNullOrEmpty(cerConfig.FilePath))
{
//To keep compatible with website hosting
string filePath;
if (Path.IsPathRooted(cerConfig.FilePath))
filePath = cerConfig.FilePath;
else
{
filePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, cerConfig.FilePath);
}
return new X509Certificate2(filePath, cerConfig.Password);
}
else
{
var storeName = cerConfig.StoreName;
if (string.IsNullOrEmpty(storeName))
storeName = "Root";
var store = new X509Store(storeName);
store.Open(OpenFlags.ReadOnly);
var cert = store.Certificates.OfType<X509Certificate2>().Where(c =>
c.Thumbprint.Equals(cerConfig.Thumbprint, StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
store.Close();
return cert;
}
}
internal static X509Certificate Initialize(ICertificateConfig cerConfig, Func<string, string> relativePathHandler)
{
if (!string.IsNullOrEmpty(cerConfig.FilePath))
{
//To keep compatible with website hosting
string filePath;
if (Path.IsPathRooted(cerConfig.FilePath))
filePath = cerConfig.FilePath;
else
{
filePath = relativePathHandler(cerConfig.FilePath);
}
return new X509Certificate2(filePath, cerConfig.Password, cerConfig.KeyStorageFlags);
}
else
{
var storeName = cerConfig.StoreName;
if (string.IsNullOrEmpty(storeName))
storeName = "Root";
var store = new X509Store(storeName, cerConfig.StoreLocation);
store.Open(OpenFlags.ReadOnly);
var cert = store.Certificates.OfType<X509Certificate2>().Where(c =>
c.Thumbprint.Equals(cerConfig.Thumbprint, StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
store.Close();
return cert;
}
}
private SslStream CreateSslStream(ICertificateConfig certConfig)
{
//Enable client certificate function only if ClientCertificateRequired is true in the configuration
if (!certConfig.ClientCertificateRequired)
{
return(new SslStream(new NetworkStream(Client), false));
}
//Subscribe the client validation callback
return(new SslStream(new NetworkStream(Client), false, ValidateClientCertificate));
}
internal static void CreateCertificate(string commonName, ICertificateConfig cerConfig)
{
byte[] certificateData = Certificate.CreateSelfSignCertificatePfx(commonName, //host name
DateTime.Now, //not valid before
DateTime.Now.AddYears(5), //not valid after
cerConfig.Password);
using (BinaryWriter binWriter = new BinaryWriter(File.Open(cerConfig.FilePath, FileMode.Create)))
{
binWriter.Write(certificateData);
binWriter.Flush();
}
}
internal static void CreateCertificate(string commonName, ICertificateConfig cerConfig)
{
byte[] certificateData = Certificate.CreateSelfSignCertificatePfx(commonName, //host name
DateTime.Now, //not valid before
DateTime.Now.AddYears(5), //not valid after
cerConfig.Password);
using (BinaryWriter binWriter = new BinaryWriter(File.Open(cerConfig.FilePath, FileMode.Create)))
{
binWriter.Write(certificateData);
binWriter.Flush();
}
}
public static X509Certificate Initialize(ICertificateConfig cerConfig)
{
//To keep compatible with website hosting
string filePath;
if (Path.IsPathRooted(cerConfig.FilePath))
filePath = cerConfig.FilePath;
else
{
filePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, cerConfig.FilePath);
}
return new X509Certificate2(filePath, cerConfig.Password);
}
internal static X509Certificate Initialize(ICertificateConfig cerConfig)
{
//To keep compatible with website hosting
string filePath;
if (Path.IsPathRooted(cerConfig.FilePath))
{
filePath = cerConfig.FilePath;
}
else
{
filePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, cerConfig.FilePath);
}
return(new X509Certificate2(filePath, cerConfig.Password));
}
internal static X509Certificate Initialize(ICertificateConfig cerConfig, Func <string, string> relativePathHandler)
{
if (!string.IsNullOrEmpty(cerConfig.FilePath))
{
//To keep compatible with website hosting
string filePath;
if (Path.IsPathRooted(cerConfig.FilePath))
{
filePath = cerConfig.FilePath;
}
else
{
filePath = relativePathHandler(cerConfig.FilePath);
}
return(new X509Certificate2(filePath, cerConfig.Password, cerConfig.KeyStorageFlags));
}
else
{
var storeName = cerConfig.StoreName;
if (string.IsNullOrEmpty(storeName))
{
storeName = "Root";
}
var store = new X509Store(storeName, cerConfig.StoreLocation);
store.Open(OpenFlags.ReadOnly);
var cert = store.Certificates.OfType <X509Certificate2>().Where(c =>
c.Thumbprint.Equals(cerConfig.Thumbprint, StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
store.Close();
return(cert);
}
}
internal static X509Certificate Initialize(ICertificateConfig cerConfig)
{
if (!string.IsNullOrEmpty(cerConfig.FilePath))
{
//To keep compatible with website hosting
string filePath;
if (Path.IsPathRooted(cerConfig.FilePath))
{
filePath = cerConfig.FilePath;
}
else
{
filePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, cerConfig.FilePath);
}
return(new X509Certificate2(filePath, cerConfig.Password));
}
else
{
var storeName = cerConfig.StoreName;
if (string.IsNullOrEmpty(storeName))
{
storeName = "Root";
}
var store = new X509Store(storeName);
store.Open(OpenFlags.ReadOnly);
var cert = store.Certificates.OfType <X509Certificate2>().Where(c =>
c.Thumbprint.Equals(cerConfig.Thumbprint, StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
store.Close();
return(cert);
}
}
/// <summary>
/// Gets the certificate from server configuguration.
/// </summary>
/// <param name="certificate">The certificate config.</param>
/// <returns></returns>
protected virtual X509Certificate GetCertificate(ICertificateConfig certificate)
{
if (certificate == null)
{
if (BasicSecurity != SslProtocols.None && Logger.IsErrorEnabled)
{
Logger.Error("There is no certificate configured!");
}
return(null);
}
if (string.IsNullOrEmpty(certificate.FilePath) && string.IsNullOrEmpty(certificate.Thumbprint))
{
if (BasicSecurity != SslProtocols.None && Logger.IsErrorEnabled)
{
Logger.Error("You should define certificate node and either attribute 'filePath' or 'thumbprint' is required!");
}
return(null);
}
return(CertificateManager.Initialize(certificate, GetFilePath));
}
private SslStream CreateSslStream(ICertificateConfig certConfig)
{
//Enable client certificate function only if ClientCertificateRequired is true in the configuration
if(!certConfig.ClientCertificateRequired)
return new SslStream(new NetworkStream(Client), false);
//Subscribe the client validation callback
return new SslStream(new NetworkStream(Client), false, ValidateClientCertificate);
}
internal static X509Certificate Initialize(ICertificateConfig cerConfig)
{
return new X509Certificate2(cerConfig.CertificateFilePath, cerConfig.CertificatePassword);
}
protected override X509Certificate GetCertificate(ICertificateConfig certificate)
{
Logger.InfoFormat("GetCertificate() certificate:'{0}'", certificate.ToString());
return(base.GetCertificate(certificate));
}
internal static X509Certificate Initialize(ICertificateConfig cerConfig)
{
return(new X509Certificate2(cerConfig.CertificateFilePath, cerConfig.CertificatePassword));
}
