예제 #1
        // Install the certificate in the given file path into the My store.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
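        public static string InstallMyCertificate(BridgeConfiguration configuration, string certificateName)
        {
            // Loads the named certificate (with its private key) from the path built by
            // CreateCertificateFilePath, adds it to the LocalMachine "My" store unless it is
            // already there, and returns its thumbprint. Results are cached per certificateName
            // in s_myCertificates, so a repeated call returns the cached thumbprint.

            // Installing any MY certificate guarantees the certificate authority is loaded first
            InstallRootCertificate(configuration, configuration.BridgeCertificateAuthority);

            lock (s_certificateLock)
            {
                CertificateCacheEntry cached;
                if (s_myCertificates.TryGetValue(certificateName, out cached))
                {
                    return cached.ThumbPrint;
                }

                string certificateFilePath = CreateCertificateFilePath(configuration, certificateName);

                // "test" is currently the required password to allow exportable private keys.
                // NOTE(review): a password fixed in source gives the key file no real protection,
                // and Exportable | MachineKeySet leaves the private key in the machine-wide key
                // container where it can be exported again. Acceptable only for throwaway test
                // certificates; never point this at a key that matters.
                // NOTE(review): PersistKeySet is not requested - confirm the stored certificate
                // keeps a usable private key after this X509Certificate2 instance is released.
                //
                // The constructor overload replaces "new X509Certificate2()" followed by Import():
                // Import() is only supported on .NET Framework, while this overload takes the same
                // file, password and flags and works on every runtime.
                X509Certificate2 cert = new X509Certificate2(
                    certificateFilePath,
                    "test",
                    X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);

                bool added = AddToStoreIfNeeded(StoreName.My, StoreLocation.LocalMachine, cert);
                s_myCertificates[certificateName] = new CertificateCacheEntry
                {
                    ThumbPrint   = cert.Thumbprint,
                    AddedToStore = added
                };

                return cert.Thumbprint;
            }
        }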
예제 #2
        // Install the certificate into the My store.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
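        public static string InstallCertificateToMyStore(X509Certificate2 certificate, bool isValidCert = true, string resourceAddress = null)
        {
            // Adds the certificate to the LocalMachine "My" store unless it is already there and
            // returns its thumbprint. Valid certificates are cached by Subject in s_myCertificates;
            // certificates flagged as invalid are cached by resourceAddress in s_myInvalidCertificates.
            // Throws ArgumentNullException when certificate is null, and ArgumentException when
            // isValidCert is false but no resourceAddress was supplied.
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }

            if (!isValidCert && string.IsNullOrEmpty(resourceAddress))
            {
                // ArgumentException still derives from Exception, so existing catch blocks keep working.
                throw new ArgumentException("Parameter resourceAddress cannot be null or empty if isValidCert is false", "resourceAddress");
            }

            lock (s_certificateLock)
            {
                CertificateCacheEntry cached;
                if (isValidCert)
                {
                    // NOTE(review): Subject is not unique per certificate. A second certificate with
                    // the same subject gets the first one's cached thumbprint back and is never added
                    // to the store. Keying by Thumbprint would avoid that; the key is left as-is here
                    // because the other users of s_myCertificates are not visible.
                    if (s_myCertificates.TryGetValue(certificate.Subject, out cached))
                    {
                        return cached.Thumbprint;
                    }
                }
                else if (s_myInvalidCertificates.TryGetValue(resourceAddress, out cached))
                {
                    return cached.Thumbprint;
                }

                bool added = AddToStoreIfNeeded(StoreName.My, StoreLocation.LocalMachine, certificate);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry certCacheEntry = new CertificateCacheEntry()
                {
                    Thumbprint   = certificate.Thumbprint,
                    AddedToStore = added
                };

                if (isValidCert)
                {
                    s_myCertificates[certificate.Subject] = certCacheEntry;
                }
                else
                {
                    s_myInvalidCertificates[resourceAddress] = certCacheEntry;
                }

                return certificate.Thumbprint;
            }
        }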
예제 #3
        // Install the certificate into the Root store and returns its thumbprint.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
        public static string InstallCertificateToRootStore(X509Certificate2 certificate)
        {
            // Adds the certificate to the LocalMachine Root store unless it is already there and
            // returns its thumbprint. The Root store holds trust anchors, so anything added here
            // is trusted machine-wide as a root for as long as it stays installed.
            lock (s_certificateLock)
            {
                CertificateCacheEntry known;
                bool alreadyCached = s_rootCertificates.TryGetValue(certificate.Subject, out known);
                if (alreadyCached)
                {
                    return known.Thumbprint;
                }

                // NOTE(review): the cache key is Subject, which two different certificates can
                // share; the second one would receive the first one's thumbprint and never be
                // installed.
                bool wasAdded = AddToStoreIfNeeded(StoreName.Root, StoreLocation.LocalMachine, certificate);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry fresh = new CertificateCacheEntry
                {
                    Thumbprint   = certificate.Thumbprint,
                    AddedToStore = wasAdded
                };
                s_rootCertificates[certificate.Subject] = fresh;

                return certificate.Thumbprint;
            }
        }
        // Install the certificate into the Root store and returns its thumbprint.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
        public static string InstallCertificateToRootStore(X509Certificate2 certificate)
        {
            // Adds the certificate to the Root store unless it is already there and returns its
            // thumbprint. The cache is keyed by Thumbprint, so certificates that merely share a
            // subject are tracked separately. Anything placed in a Root store becomes a trust
            // anchor for that store location.
            lock (s_certificateLock)
            {
                CertificateCacheEntry known;
                bool alreadyCached = s_rootCertificates.TryGetValue(certificate.Thumbprint, out known);
                if (alreadyCached)
                {
                    return known.Thumbprint;
                }

                // See explanation of StoreLocation selection at PlatformSpecificRootStoreLocation
                bool wasAdded = AddToStoreIfNeeded(StoreName.Root, PlatformSpecificRootStoreLocation, certificate);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry fresh = new CertificateCacheEntry
                {
                    Thumbprint   = certificate.Thumbprint,
                    AddedToStore = wasAdded
                };
                s_rootCertificates[certificate.Thumbprint] = fresh;

                return certificate.Thumbprint;
            }
        }
예제 #5
        // Install the certificate in the given file path into the Root store and returns its thumbprint.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
        public static string InstallRootCertificate(BridgeConfiguration configuration, string certificateName)
        {
            // Loads the named certificate from the path built by CreateCertificateFilePath, adds it
            // to the LocalMachine Root store unless it is already there, and returns its thumbprint.
            // Results are cached per certificateName in s_rootCertificates. A certificate in the
            // Root store is a machine-wide trust anchor for as long as it stays installed.
            lock (s_certificateLock)
            {
                CertificateCacheEntry known;
                bool alreadyCached = s_rootCertificates.TryGetValue(certificateName, out known);
                if (alreadyCached)
                {
                    return known.ThumbPrint;
                }

                // NOTE(review): certificateName ends up in a file path; CreateCertificateFilePath is
                // not visible here - confirm it rejects path separators if the name can come from
                // a caller outside the test harness.
                string           rootFilePath = CreateCertificateFilePath(configuration, certificateName);
                X509Certificate2 rootCert     = new X509Certificate2(rootFilePath);
                bool             wasAdded     = AddToStoreIfNeeded(StoreName.Root, StoreLocation.LocalMachine, rootCert);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry fresh = new CertificateCacheEntry
                {
                    ThumbPrint   = rootCert.Thumbprint,
                    AddedToStore = wasAdded
                };
                s_rootCertificates[certificateName] = fresh;

                return rootCert.Thumbprint;
            }
        }
        // Install the certificate into the My store.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
        public static string InstallCertificateToMyStore(X509Certificate2 certificate)
        {
            // Adds the certificate to the CurrentUser "My" store unless it is already there and
            // returns its thumbprint. The cache is keyed by Thumbprint, so each distinct
            // certificate gets its own entry in s_myCertificates.
            lock (s_certificateLock)
            {
                CertificateCacheEntry known;
                bool alreadyCached = s_myCertificates.TryGetValue(certificate.Thumbprint, out known);
                if (alreadyCached)
                {
                    return known.Thumbprint;
                }

                // Always install client certs to CurrentUser
                // StoreLocation.CurrentUser is supported on both Linux and Windows
                // Furthermore, installing this cert to this location does not require sudo or admin elevation
                bool wasAdded = AddToStoreIfNeeded(StoreName.My, StoreLocation.CurrentUser, certificate);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry fresh = new CertificateCacheEntry
                {
                    Thumbprint   = certificate.Thumbprint,
                    AddedToStore = wasAdded
                };
                s_myCertificates[certificate.Thumbprint] = fresh;

                return certificate.Thumbprint;
            }
        }
예제 #7
        // Install the certificate into the My store.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
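        public static string InstallCertificateToMyStore(X509Certificate2 certificate, bool isValidCert = true, string resourceAddress = null)
        {
            // Adds the certificate to the LocalMachine "My" store unless it is already there and
            // returns its thumbprint. Valid certificates are cached by Subject in s_myCertificates;
            // certificates flagged as invalid are cached by resourceAddress in s_myInvalidCertificates.
            // Throws ArgumentNullException when certificate is null, and ArgumentException when
            // isValidCert is false but no resourceAddress was supplied.
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }

            if (!isValidCert && string.IsNullOrEmpty(resourceAddress))
            {
                // ArgumentException still derives from Exception, so existing catch blocks keep working.
                throw new ArgumentException("Parameter resourceAddress cannot be null or empty if isValidCert is false", "resourceAddress");
            }

            lock (s_certificateLock)
            {
                CertificateCacheEntry cached;
                if (isValidCert)
                {
                    // NOTE(review): Subject is not unique per certificate. A second certificate with
                    // the same subject gets the first one's cached thumbprint back and is never added
                    // to the store. Keying by Thumbprint would avoid that; the key is left as-is here
                    // because the other users of s_myCertificates are not visible.
                    if (s_myCertificates.TryGetValue(certificate.Subject, out cached))
                    {
                        return cached.Thumbprint;
                    }
                }
                else if (s_myInvalidCertificates.TryGetValue(resourceAddress, out cached))
                {
                    return cached.Thumbprint;
                }

                bool added = AddToStoreIfNeeded(StoreName.My, StoreLocation.LocalMachine, certificate);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry certCacheEntry = new CertificateCacheEntry()
                {
                    Thumbprint = certificate.Thumbprint,
                    AddedToStore = added
                };

                if (isValidCert)
                {
                    s_myCertificates[certificate.Subject] = certCacheEntry;
                }
                else
                {
                    s_myInvalidCertificates[resourceAddress] = certCacheEntry;
                }

                return certificate.Thumbprint;
            }
        }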
예제 #8
        // Install the certificate in the given file path into the My store.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
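        public static string InstallMyCertificate(BridgeConfiguration configuration, string certificateName)
        {
            // Loads the named certificate (with its private key) from the path built by
            // CreateCertificateFilePath, adds it to the LocalMachine "My" store unless it is
            // already there, and returns its thumbprint. Results are cached per certificateName
            // in s_myCertificates, so a repeated call returns the cached thumbprint.

            // Installing any MY certificate guarantees the certificate authority is loaded first
            InstallRootCertificate(configuration, configuration.BridgeCertificateAuthority);

            lock (s_certificateLock)
            {
                CertificateCacheEntry cached;
                if (s_myCertificates.TryGetValue(certificateName, out cached))
                {
                    return cached.ThumbPrint;
                }

                string certificateFilePath = CreateCertificateFilePath(configuration, certificateName);

                // "test" is currently the required password to allow exportable private keys.
                // NOTE(review): a password fixed in source gives the key file no real protection,
                // and Exportable | MachineKeySet leaves the private key in the machine-wide key
                // container where it can be exported again. Acceptable only for throwaway test
                // certificates; never point this at a key that matters.
                // NOTE(review): PersistKeySet is not requested - confirm the stored certificate
                // keeps a usable private key after this X509Certificate2 instance is released.
                //
                // The constructor overload replaces "new X509Certificate2()" followed by Import():
                // Import() is only supported on .NET Framework, while this overload takes the same
                // file, password and flags and works on every runtime.
                X509Certificate2 cert = new X509Certificate2(
                    certificateFilePath,
                    "test",
                    X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);

                bool added = AddToStoreIfNeeded(StoreName.My, StoreLocation.LocalMachine, cert);
                s_myCertificates[certificateName] = new CertificateCacheEntry
                {
                    ThumbPrint = cert.Thumbprint,
                    AddedToStore = added
                };

                return cert.Thumbprint;
            }
        }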
예제 #9
        // Install the certificate in the given file path into the Root store and returns its thumbprint.
        // It will not install the certificate if it is already present in the store.
        // It returns the thumbprint of the certificate, regardless whether it was added or found.
        public static string InstallRootCertificate(BridgeConfiguration configuration, string certificateName)
        {
            // Loads the named certificate from the path built by CreateCertificateFilePath, adds it
            // to the LocalMachine Root store unless it is already there, and returns its thumbprint.
            // Results are cached per certificateName in s_rootCertificates. A certificate in the
            // Root store is a machine-wide trust anchor for as long as it stays installed.
            lock (s_certificateLock)
            {
                CertificateCacheEntry known;
                bool alreadyCached = s_rootCertificates.TryGetValue(certificateName, out known);
                if (alreadyCached)
                {
                    return known.ThumbPrint;
                }

                // NOTE(review): certificateName ends up in a file path; CreateCertificateFilePath is
                // not visible here - confirm it rejects path separators if the name can come from
                // a caller outside the test harness.
                string rootFilePath = CreateCertificateFilePath(configuration, certificateName);
                X509Certificate2 rootCert = new X509Certificate2(rootFilePath);
                bool wasAdded = AddToStoreIfNeeded(StoreName.Root, StoreLocation.LocalMachine, rootCert);

                // AddedToStore records whether this call changed the store.
                CertificateCacheEntry fresh = new CertificateCacheEntry
                {
                    ThumbPrint = rootCert.Thumbprint,
                    AddedToStore = wasAdded
                };
                s_rootCertificates[certificateName] = fresh;

                return rootCert.Thumbprint;
            }
        }