/// <summary>
/// Entry point of the test certificate cleanup tool. Prints a banner, honours the
/// help and preview switches, then sweeps the personal ("My") and trusted root
/// ("Root") stores for both the current user and the local machine.
/// </summary>
/// <param name="args">Raw command-line arguments, parsed by <c>CommandLineArgs</c>.</param>
public static void Main(string[] args)
{
    var options = new CommandLineArgs(args);

    string[] banner =
    {
        "",
        " WCF for .NET Core test certificate cleanup tool",
        " https://github.com/dotnet/wcf",
        "",
        " Removes test certificates generated by the Bridge during testing",
    };
    foreach (string bannerLine in banner)
    {
        Console.WriteLine(bannerLine);
    }

    // Help short-circuits everything else: no store is opened.
    if (options.Help)
    {
        Console.WriteLine(options.HelpText);
        return;
    }

    // Preview is a dry run: matching certificates are listed but nothing is deleted.
    if (options.Preview)
    {
        Console.WriteLine(" Preview mode - certificates will not be deleted");
        Console.WriteLine(" ************************************************************");
    }

    Console.WriteLine();

    // Personal certificate stores.
    RemoveCertificatesFromStore(StoreName.My, StoreLocation.CurrentUser, options);
    RemoveCertificatesFromStore(StoreName.My, StoreLocation.LocalMachine, options);

    // Trusted root stores: deleting here changes which issuers this user/machine trusts.
    // LocalMachine has to be cleaned before CurrentUser because, on Windows, root
    // certificates cannot be removed from the CurrentUser store.
    RemoveCertificatesFromStore(StoreName.Root, StoreLocation.LocalMachine, options);
    RemoveCertificatesFromStore(StoreName.Root, StoreLocation.CurrentUser, options);

    Console.WriteLine();
}
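/// <summary>
/// Opens one certificate store read-write and removes (or, in preview mode, only lists)
/// every certificate whose issuer name matches <c>CertificateIssuer</c>.
/// </summary>
/// <param name="storeName">Store to inspect (for example My or Root).</param>
/// <param name="storeLocation">CurrentUser or LocalMachine.</param>
/// <param name="commandLineArgs">Parsed options; <c>Preview</c> suppresses deletion and
/// <c>Verbose</c> controls how much exception detail is printed.</param>
/// <remarks>
/// Failures are reported on the console and never thrown to the caller. If the store
/// cannot be opened, the enumeration is skipped, so no removal count is reported for a
/// store that was never inspected.
/// </remarks>
private static void RemoveCertificatesFromStore(StoreName storeName, StoreLocation storeLocation, CommandLineArgs commandLineArgs)
{
    Console.WriteLine(" Checking StoreName '{0}', StoreLocation '{1}'", storeName, storeLocation);

    using (X509Store store = new X509Store(storeName, storeLocation))
    {
        bool storeOpened = false;

        try
        {
            // ReadWrite is required for Remove(); IncludeArchived also surfaces archived certificates.
            store.Open(OpenFlags.ReadWrite | OpenFlags.IncludeArchived);
            storeOpened = true;
        }
        catch (CryptographicException cEx)
        {
            StringBuilder exceptionString = new StringBuilder();
            exceptionString.AppendFormat(" Error opening StoreName: '{0}' certificate store from StoreLocation '{1}' in ReadWrite mode ", storeName, storeLocation);

            if (storeLocation == StoreLocation.LocalMachine)
            {
                exceptionString.AppendFormat("{0} In Windows, This is usually due to permissions issues if writing to the LocalMachine location", Environment.NewLine);
            }

            exceptionString.AppendFormat("{0} Try running the tool with elevated or superuser permissions.", Environment.NewLine);
            exceptionString.Append(GetExceptionString(commandLineArgs, cEx));
            Console.WriteLine(exceptionString.ToString());
        }
        catch (PlatformNotSupportedException pnse)
        {
            StringBuilder exceptionString = new StringBuilder();
            exceptionString.AppendFormat(" Error opening StoreName: '{0}' certificate store from StoreLocation '{1}' in ReadWrite mode ", storeName, storeLocation);

            if (storeLocation == StoreLocation.LocalMachine)
            {
                exceptionString.AppendFormat("{0} In Linux, this is an expected exception as opening a certificate store ReadWrite to LocalMachine isn't yet supported", Environment.NewLine);
            }

            exceptionString.Append(GetExceptionString(commandLineArgs, pnse));
            Console.WriteLine(exceptionString.ToString());
        }
        catch (Exception ex)
        {
            StringBuilder exceptionString = new StringBuilder();
            exceptionString.AppendFormat(" Error opening StoreName: '{0}' certificate store from StoreLocation '{1}' in ReadWrite mode ", storeName, storeLocation);
            exceptionString.Append(GetExceptionString(commandLineArgs, ex));
            Console.WriteLine(exceptionString.ToString());
        }

        // Only enumerate a store that actually opened. Otherwise the tool would print a
        // "0 certificates removed" summary for a store it never looked at.
        if (storeOpened)
        {
            int removedCerts = 0;

            // FindByIssuerName is a case-insensitive partial match on the issuer name, and
            // validOnly=false also returns expired or untrusted certificates. Every match is
            // deleted, including entries in the Root trust stores, so CertificateIssuer must be
            // specific to the test CA. NOTE(review): its value is defined outside this block;
            // confirm it cannot match a production issuer, and use preview mode to check the list.
            foreach (var cert in store.Certificates.Find(X509FindType.FindByIssuerName, CertificateIssuer, false))
            {
                Console.Write(" {0}. Subject: '{1}'", cert.Thumbprint, cert.SubjectName.Name);

                if (!commandLineArgs.Preview)
                {
                    try
                    {
                        store.Remove(cert);
                        Console.Write(" ... removed");
                        removedCerts++;
                    }
                    catch (Exception ex)
                    {
                        // Best effort: report the failure and carry on with the remaining certificates.
                        Console.Write(" ... cert removal failed");
                        Console.WriteLine(GetExceptionString(commandLineArgs, ex));
                    }
                }

                Console.WriteLine();
            }

            if (!commandLineArgs.Preview)
            {
                Console.WriteLine(" {0} certificates removed", removedCerts);
            }
        }
    }

    Console.WriteLine();
}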
/// <summary>
/// Formats an exception for console output, prefixed by a line break.
/// </summary>
/// <param name="commandLineArgs">Parsed options; <c>Verbose</c> selects the level of detail.</param>
/// <param name="exception">The exception to describe.</param>
/// <returns>
/// The exception's full string form (as produced by <c>ToString()</c>) when verbose,
/// otherwise only its <c>Message</c>.
/// </returns>
private static string GetExceptionString(CommandLineArgs commandLineArgs, Exception exception)
{
    // Passing the exception object itself makes the formatter call ToString() on it,
    // while the non-verbose path passes only the message text.
    object detail = commandLineArgs.Verbose ? (object)exception : exception.Message;

    return string.Format("{0} Exception was: {1}", Environment.NewLine, detail);
}