Пример #1
0
        public async Task TlsEndToEnd(string[] oids, RemoteCertificateMode certificateMode)
        {
            TestCluster testCluster = default;

            try
            {
                var builder = new TestClusterBuilder()
                              .AddSiloBuilderConfigurator <TlsConfigurator>()
                              .AddClientBuilderConfigurator <TlsConfigurator>();

                var certificate = TestCertificateHelper.CreateSelfSignedCertificate(
                    CertificateSubjectName, oids);

                var encodedCertificate = TestCertificateHelper.ConvertToBase64(certificate);
                builder.Properties[CertificateConfigKey]     = encodedCertificate;
                builder.Properties[ClientCertificateModeKey] = certificateMode.ToString();

                testCluster = builder.Build();
                await testCluster.DeployAsync();

                var client = testCluster.Client;

                var grain    = client.GetGrain <IPingGrain>("pingu");
                var expected = "secret chit chat";
                var actual   = await grain.Echo(expected);

                Assert.Equal(expected, actual);
            }
            finally
            {
                if (testCluster != null)
                {
                    await testCluster.StopAllSilosAsync();

                    testCluster.Dispose();
                }
            }
        }
Пример #2
0
        private static X509Certificate2 ValidateCertificate(X509Certificate2 certificate, RemoteCertificateMode mode)
        {
            switch (mode)
            {
            case RemoteCertificateMode.NoCertificate:
                return(null);

            case RemoteCertificateMode.AllowCertificate:
                //if certificate exists but can not be used for client authentication.
                if (certificate != null && CertificateLoader.IsCertificateAllowedForClientAuth(certificate))
                {
                    return(certificate);
                }
                return(null);

            case RemoteCertificateMode.RequireCertificate:
                EnsureCertificateIsAllowedForClientAuth(certificate);
                return(certificate);

            default:
                throw new ArgumentOutOfRangeException(nameof(mode), mode, null);
            }
        }