internal static void CreateAndRunWebHostForService(IConfigurationRoot configuration) { ApplyCommonConfiguration(configuration, new EventLogLoggerProvider(LogLevel.Warning, Resources.Text_ServiceName)); _loggerFactory .AddDebug() .AddConsole(LogLevel.Trace) .AddProvider(new FileLoggerProvider(_startupOptions.Name, _loggingOptions.LogFolder)); // Add service event logs in addition to file logs. _loggerFactory.AddProvider(new EventLogLoggerProvider(LogLevel.Warning, Resources.Text_ServiceName)); _logger = GetLogger(_loggerFactory, _startupOptions.Name); var tlsConfig = new TlsConfiguration(_logger, _securityOptions); var httpsOptions = tlsConfig.GetHttpsOptions(Configuration); Uri uri = GetServerUri(Configuration); try { CreateWebHost(httpsOptions).Run(CancellationToken); } catch (AggregateException ex) when(ex.IsPortInUseException()) { _logger.LogError(0, ex.InnerException, Resources.Error_ConfiguredPortNotAvailable, uri?.Port); Exit((int)BrokerExitCodes.PortInUse, null); } }
public override MSI.IMonoTlsContext CreateTlsContext( string hostname, bool serverMode, MSI.TlsProtocols protocolFlags, SSCX.X509Certificate serverCertificate, PSSCX.X509CertificateCollection clientCertificates, bool remoteCertRequired, MSI.MonoEncryptionPolicy encryptionPolicy, MSI.MonoTlsSettings settings) { TlsConfiguration config; if (serverMode) { var cert = (PSSCX.X509Certificate2)serverCertificate; var monoCert = new MX.X509Certificate(cert.RawData); config = new TlsConfiguration((TlsProtocols)protocolFlags, (MSI.MonoTlsSettings)settings, monoCert, cert.PrivateKey); if (remoteCertRequired) { config.AskForClientCertificate = true; } } else { config = new TlsConfiguration((TlsProtocols)protocolFlags, (MSI.MonoTlsSettings)settings, hostname); } return(new TlsContextWrapper(config, serverMode)); }
public static void Main(string[] args) { var configBuilder = new ConfigurationBuilder().AddCommandLine(args); Configuration = configBuilder.Build(); string configFile = Configuration["config"]; if (configFile != null) { configBuilder.AddJsonFile(configFile, optional: false); Configuration = configBuilder.Build(); } ConfigurationBinder.Bind(Configuration.GetSection("startup"), _startupOptions); ConfigurationBinder.Bind(Configuration.GetSection("security"), _securityOptions); _loggerFactory .AddDebug() .AddConsole(LogLevel.Trace) .AddProvider(new FileLoggerProvider(_startupOptions.Name)); _logger = _loggerFactory.CreateLogger <Program>(); if (_startupOptions.Name != null) { _logger.LogInformation(Resources.Info_BrokerName, _startupOptions.Name); } var tlsConfig = new TlsConfiguration(_logger, _securityOptions); var httpsOptions = tlsConfig.GetHttpsOptions(Configuration); CreateWebHost(httpsOptions).Run(); }
internal static void CreateAndRunWebHostForService() { var tlsConfig = new TlsConfiguration(_logger, _securityOptions); var httpsOptions = tlsConfig.GetHttpsOptions(Configuration); Uri uri = GetServerUri(Configuration); try { CreateWebHost(httpsOptions).Run(); } catch (AggregateException ex) when(ex.IsPortInUseException()) { _logger.LogError(0, ex.InnerException, Resources.Error_ConfiguredPortNotAvailable, uri?.Port); } }
/// <summary> /// Creates the session and saves references to the passed objects. /// </summary> /// <param name="stream">The socket stream.</param> /// <param name="address">The IP address of the remote end point.</param> /// <param name="tlsConfiguration">The SSL/TLS configuration object.</param> /// <param name="protocolConfigurations">A Dictionary of ProtocolConfiguration /// objects keyed by each protocol's unique identifier.</param> /// <param name="logger">The Logger.</param> /// <param name="userData">An optional Object the user can pass through to each protocol.</param> public Session( Stream stream, string address, TlsConfiguration tlsConfiguration, Dictionary <ushort, ProtocolConfiguration> protocolConfigurations, Logger logger, object userData = null) : base(protocolConfigurations, logger, userData) { this.stream = stream; this.Address = address; this.TlsConfiguration = tlsConfiguration; Id = SessionId.NextId; }
public Session( StreamSocket streamSocket, string address, TlsConfiguration tlsConfiguration, Dictionary <ushort, ProtocolConfiguration> protocolConfigurations, Logger logger, object userData = null) : base(protocolConfigurations, logger, userData) { this.streamSocket = streamSocket; this.iS = streamSocket.InputStream.AsStreamForRead(); this.oS = streamSocket.OutputStream.AsStreamForWrite(); this.Address = address; this.TlsConfiguration = tlsConfiguration; Id = SessionId.NextId; }
private static X509Certificate2 RetrieveTlsCertificate(TlsConfiguration configuration) { if (configuration.ClientCertificateInformation is ClientCertificateReference clientCertRef) { return(Registry.Instance.CertificateRepository.GetCertificate( clientCertRef.ClientCertificateFindType, clientCertRef.ClientCertificateFindValue)); } if (configuration.ClientCertificateInformation is PrivateKeyCertificate embeddedCertInfo) { return(new X509Certificate2( rawData: Convert.FromBase64String(embeddedCertInfo.Certificate), password: embeddedCertInfo.Password, keyStorageFlags: X509KeyStorageFlags.Exportable)); } return(null); }
private HttpsConnectionAdapterOptions ConfigureHttps() { var securityOptions = Configuration.GetSecuritySection().Get <SecurityOptions>(); var logger = LoggerFactory.CreateLogger <TlsConfiguration>(); var tlsConfig = new TlsConfiguration(logger, securityOptions); var httpsOptions = tlsConfig.GetHttpsOptions(); if (httpsOptions == null) { logger.LogCritical(Resources.Critical_NoTlsCertificate, securityOptions.X509CertificateName); if (!IsService) { Environment.Exit((int)BrokerExitCodes.NoCertificate); } } return(httpsOptions); }
private static X509Certificate2 RetrieveClientCertificate(TlsConfiguration tlsConfig) { if (tlsConfig == null || tlsConfig.IsEnabled == false || tlsConfig.ClientCertificateInformation == null) { return(null); } Logger.Trace("Adding Client TLS Certificate to HTTP Request"); X509Certificate2 certificate = RetrieveTlsCertificate(tlsConfig); if (certificate == null) { throw new NotSupportedException( "The TLS certificate information specified in the PMode could not be used to retrieve the certificate"); } return(certificate); }
public override IMonoTlsContext CreateTlsContext( string hostname, bool serverMode, TlsProtocols protocolFlags, SSCX.X509Certificate serverCertificate, PSSCX.X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, MonoEncryptionPolicy encryptionPolicy, MonoRemoteCertificateValidationCallback userCertificateValidationCallback, MonoLocalCertificateSelectionCallback userCertificateSelectionCallback, MonoTlsSettings settings) { TlsConfiguration config; if (serverMode) { var cert = (PSSCX.X509Certificate2)serverCertificate; var monoCert = new MX.X509Certificate(cert.RawData); config = new TlsConfiguration((TlsProtocols)protocolFlags, (TlsSettings)settings, monoCert, cert.PrivateKey); } else { config = new TlsConfiguration((TlsProtocols)protocolFlags, (TlsSettings)settings, hostname); #if FIXME if (certSelectionDelegate != null) { config.Client.LocalCertSelectionCallback = (t, l, r, a) => certSelectionDelegate(t, l, r, a); } #endif if (userCertificateValidationCallback != null) { config.RemoteCertValidationCallback = (h, c, ch, p) => { var ssc = new SSCX.X509Certificate(c.RawData); return(userCertificateValidationCallback(h, ssc, null, (MonoSslPolicyErrors)p)); }; } } return(new TlsContextWrapper(config)); }
public TlsContextWrapper(TlsConfiguration config) { this.config = config; }
public TlsContextWrapper(TlsConfiguration config, bool serverMode) { this.config = config; this.serverMode = serverMode; }