private static void ConfigureSsl(ConnectionFactory connectionFactory, RabbitMqOptions options) { if (options.Ssl is null || string.IsNullOrWhiteSpace(options.Ssl.ServerName)) { connectionFactory.Ssl = new SslOption(); return; } connectionFactory.Ssl = new SslOption(options.Ssl.ServerName, options.Ssl.CertificatePath, options.Ssl.Enabled); Console.WriteLine($"RabbitMQ SSL is: {(options.Ssl.Enabled ? "enabled" : "disabled")}, " + $"server: '{options.Ssl.ServerName}', client certificate: '{options.Ssl.CertificatePath}', " + $"CA certificate: '{options.Ssl.CaCertificatePath}'."); if (string.IsNullOrWhiteSpace(options.Ssl.CaCertificatePath)) { return; } connectionFactory.Ssl.CertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { if (sslPolicyErrors == SslPolicyErrors.None) { return(true); } if (chain is null) { return(false); } chain = new X509Chain(); var certificate2 = new X509Certificate2(certificate); var signerCertificate2 = new X509Certificate2(options.Ssl.CaCertificatePath); chain.ChainPolicy.ExtraStore.Add(signerCertificate2); chain.Build(certificate2); return(chain.ChainStatus.All(chainStatus => chainStatus.Status == X509ChainStatusFlags.NoError || options.Ssl.TrustUntrustedRoot && chainStatus.Status == X509ChainStatusFlags.UntrustedRoot)); }; }
private static IConveyBuilder AddRabbitMq <TContext>(this IConveyBuilder builder, RabbitMqOptions options, Func <IRabbitMqPluginRegister, IRabbitMqPluginRegister> plugins, Action <IConveyBuilder> registerRedis) where TContext : ICorrelationContext, new() { builder.Services.AddSingleton(options); builder.Services.AddSingleton <RawRabbitConfiguration>(options); if (!builder.TryRegister(RegistryName)) { return(builder); } builder.Services.AddTransient <IBusPublisher, BusPublisher>(); if (options.MessageProcessor?.Enabled == true) { switch (options.MessageProcessor.Type?.ToLowerInvariant()) { case "redis": registerRedis(builder); builder.Services.AddTransient <IMessageProcessor, RedisMessageProcessor>(); break; default: builder.Services.AddMemoryCache(); builder.Services.AddTransient <IMessageProcessor, InMemoryMessageProcessor>(); break; } } else { builder.Services.AddSingleton <IMessageProcessor, EmptyMessageProcessor>(); } builder.Services.AddSingleton <ICorrelationContextAccessor>(new CorrelationContextAccessor()); ConfigureBus <TContext>(builder, plugins); return(builder); }
private static void ConfigureSsl(ConnectionFactory connectionFactory, RabbitMqOptions options, ILogger <IRabbitMqClient> logger) { if (options.Ssl is null || string.IsNullOrWhiteSpace(options.Ssl.ServerName)) { connectionFactory.Ssl = new SslOption(); return; } connectionFactory.Ssl = new SslOption(options.Ssl.ServerName, options.Ssl.CertificatePath, options.Ssl.Enabled); logger.LogDebug($"RabbitMQ SSL is: {(options.Ssl.Enabled ? "enabled" : "disabled")}, " + $"server: '{options.Ssl.ServerName}', client certificate: '{options.Ssl.CertificatePath}', " + $"CA certificate: '{options.Ssl.CaCertificatePath}'."); if (string.IsNullOrWhiteSpace(options.Ssl.CaCertificatePath)) { return; } connectionFactory.Ssl.CertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { if (sslPolicyErrors == SslPolicyErrors.None) { return(true); } if (chain is null) { return(false); } chain = new X509Chain(); var certificate2 = new X509Certificate2(certificate); var signerCertificate2 = new X509Certificate2(options.Ssl.CaCertificatePath); chain.ChainPolicy.ExtraStore.Add(signerCertificate2); chain.Build(certificate2); var ignoredStatuses = Enumerable.Empty <X509ChainStatusFlags>(); if (options.Ssl.X509IgnoredStatuses?.Any() is true) { logger.LogDebug("Ignored X509 certificate chain statuses: " + $"{string.Join(", ", options.Ssl.X509IgnoredStatuses)}."); ignoredStatuses = options.Ssl.X509IgnoredStatuses .Select(s => Enum.Parse <X509ChainStatusFlags>(s, true)); } var statuses = chain.ChainStatus.ToList(); logger.LogDebug("Received X509 certificate chain statuses: " + $"{string.Join(", ", statuses.Select(x => x.Status))}"); var isValid = statuses.All(chainStatus => chainStatus.Status == X509ChainStatusFlags.NoError || ignoredStatuses.Contains(chainStatus.Status)); if (!isValid) { logger.LogError(string.Join(Environment.NewLine, statuses.Select(s => $"{s.Status} - {s.StatusInformation}"))); } return(isValid); }; }
public static IConveyBuilder AddRabbitMq <TContext>(this IConveyBuilder builder, RabbitMqOptions options, Func <IRabbitMqPluginRegister, IRabbitMqPluginRegister> plugins = null, RedisOptions redisOptions = null) where TContext : ICorrelationContext, new() => builder.AddRabbitMq <TContext>(options, plugins, b => b.AddRedis(redisOptions ?? new RedisOptions()));