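/// <summary>
/// Integration test for SSL termination: creates a temporary HTTP load balancer,
/// uploads a freshly generated private key and self-signed certificate as its SSL
/// configuration, replaces that configuration, removes it, and finally removes the
/// load balancer.
/// </summary>
/// <remarks>
/// The generated private key is passed to the service but is deliberately not written
/// to the console: test output is commonly captured in build logs, and key material
/// should not end up there even when it is short-lived.
/// </remarks>
/// <returns>A task that completes when the test has finished.</returns>
public async Task TestSslTermination()
{
    ILoadBalancerService provider = CreateProvider();
    using (CancellationTokenSource cancellationTokenSource = new CancellationTokenSource(TestTimeout(TimeSpan.FromSeconds(240))))
    {
        IEnumerable<LoadBalancingProtocol> protocols = await provider.ListProtocolsAsync(cancellationTokenSource.Token);
        LoadBalancingProtocol httpProtocol = protocols.First(i => i.Name.Equals("HTTP", StringComparison.OrdinalIgnoreCase));

        string loadBalancerName = CreateRandomLoadBalancerName();
        LoadBalancerConfiguration configuration = new LoadBalancerConfiguration(
            name: loadBalancerName,
            nodes: null,
            protocol: httpProtocol,
            virtualAddresses: new[] { new LoadBalancerVirtualAddress(LoadBalancerVirtualAddressType.ServiceNet) },
            algorithm: LoadBalancingAlgorithm.RoundRobin);
        LoadBalancer tempLoadBalancer = await provider.CreateLoadBalancerAsync(configuration, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

        string privateKey;
        string certificate;

        // Plaintext export is required because the key is sent to the service as PEM text below.
        CngKeyCreationParameters keyParams = new CngKeyCreationParameters();
        keyParams.ExportPolicy = CngExportPolicies.AllowExport | CngExportPolicies.AllowPlaintextExport;
        keyParams.KeyUsage = CngKeyUsages.AllUsages;
        keyParams.Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;

        // NOTE(review): the key is created under a name (a fresh GUID), which makes it a persisted
        // key in the storage provider rather than an ephemeral one. Confirm that something deletes
        // it after the run (TakeOwnershipOfKey below may or may not cover this); otherwise every
        // run leaves a plaintext-exportable private key in the key store.
        using (CngKey key = CngKey.Create(CngAlgorithm2.Rsa, Guid.NewGuid().ToString(), keyParams))
        {
            byte[] exported = key.Export(CngKeyBlobFormat.Pkcs8PrivateBlob);

            // NOTE(review): the blob is PKCS#8, while the "RSA PRIVATE KEY" label conventionally
            // marks a PKCS#1 structure ("PRIVATE KEY" is the usual PKCS#8 label). The label is left
            // as the test sends it today; confirm which form the service expects.
            StringBuilder formatted = new StringBuilder();
            formatted.AppendLine("-----BEGIN RSA PRIVATE KEY-----");
            formatted.AppendLine(Convert.ToBase64String(exported, Base64FormattingOptions.InsertLineBreaks));
            formatted.Append("-----END RSA PRIVATE KEY-----");

            // The private key is intentionally not echoed to the console (see remarks).
            privateKey = formatted.ToString();

            X509CertificateCreationParameters certParams = new X509CertificateCreationParameters(new X500DistinguishedName(string.Format("CN={0}, OU=Integration Testing, O=openstacknetsdk, L=San Antonio, S=Texas, C=US", loadBalancerName)));

            // NOTE(review): the test certificate is signed with SHA-1 and valid for ten years.
            // Consider a SHA-2 signature algorithm and a short lifetime if the service accepts them.
            certParams.SignatureAlgorithm = X509CertificateSignatureAlgorithm.RsaSha1;
            certParams.StartTime = DateTime.Now;
            certParams.EndTime = DateTime.Now.AddYears(10);
            certParams.TakeOwnershipOfKey = true;
            X509Certificate signed = key.CreateSelfSignedCertificate(certParams);

            exported = signed.Export(X509ContentType.Cert);

            formatted = new StringBuilder();
            formatted.AppendLine("-----BEGIN CERTIFICATE-----");
            formatted.AppendLine(Convert.ToBase64String(exported, Base64FormattingOptions.InsertLineBreaks));
            formatted.Append("-----END CERTIFICATE-----");

            // The certificate holds only public material, so it is still printed for diagnostics.
            Console.WriteLine(formatted.ToString());
            certificate = formatted.ToString();
        }

        // First configuration: supplies the key and certificate; no intermediate certificate is sent.
        // NOTE(review): the two positional booleans are presumably "enabled" and
        // "secure traffic only"; confirm against the LoadBalancerSslConfiguration constructor.
        string intermediateCertificate = null;
        LoadBalancerSslConfiguration sslConfiguration = new LoadBalancerSslConfiguration(true, false, 443, privateKey, certificate, intermediateCertificate);
        await provider.UpdateSslConfigurationAsync(tempLoadBalancer.Id, sslConfiguration, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

        // Second configuration: flips the second flag without re-sending key material.
        LoadBalancerSslConfiguration updatedConfiguration = new LoadBalancerSslConfiguration(true, true, 443);
        await provider.UpdateSslConfigurationAsync(tempLoadBalancer.Id, updatedConfiguration, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

        await provider.RemoveSslConfigurationAsync(tempLoadBalancer.Id, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

        /* Cleanup */
        // NOTE(review): this is reached only when every call above succeeds; a failure or timeout
        // earlier leaves the temporary load balancer (and any uploaded key) behind on the account.
        await provider.RemoveLoadBalancerAsync(tempLoadBalancer.Id, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);
    }
}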
/// <summary>
/// Synchronous wrapper over <c>UpdateSslConfigurationAsync</c>: submits the SSL
/// configuration update for a load balancer and blocks until the call returns.
/// </summary>
/// <param name="service">The load balancer service to call.</param>
/// <param name="loadBalancerId">The ID of the load balancer to update.</param>
/// <param name="configuration">The SSL configuration to apply.</param>
/// <exception cref="ArgumentNullException">If <paramref name="service"/> is <c>null</c>.</exception>
/// <remarks>
/// The request is issued with <c>AsyncCompletionOption.RequestSubmitted</c> and without a
/// cancellation token. When the task fails with exactly one underlying exception, that
/// exception is thrown in place of the <see cref="AggregateException"/>; throwing it this
/// way replaces its original stack trace.
/// </remarks>
public static void UpdateSslConfiguration(this ILoadBalancerService service, LoadBalancerId loadBalancerId, LoadBalancerSslConfiguration configuration)
{
    if (service == null)
    {
        throw new ArgumentNullException("service");
    }

    try
    {
        var pending = service.UpdateSslConfigurationAsync(
            loadBalancerId,
            configuration,
            AsyncCompletionOption.RequestSubmitted,
            CancellationToken.None,
            null);
        pending.Wait();
    }
    catch (AggregateException aggregate)
    {
        var flattened = aggregate.Flatten().InnerExceptions;

        // Several (or zero) inner failures: keep the aggregate so none of them is hidden.
        if (flattened.Count != 1)
        {
            throw;
        }

        // Exactly one failure: surface it directly instead of the wrapper.
        throw flattened[0];
    }
}