static void VerifySniConfig(SniConfig config)
{
Assert.NotNull(config);
Assert.Equal(HttpProtocols.Http1, config.Protocols);
Assert.Equal(SslProtocols.Tls12, config.SslProtocols);
Assert.Equal("/path/cert.pfx", config.Certificate.Path);
Assert.Equal("certpassword", config.Certificate.Password);
Assert.Equal(ClientCertificateMode.AllowCertificate, config.ClientCertificateMode);
}
private static Dictionary <string, SniConfig> ReadSni(IConfigurationSection sniConfig, string endpointName)
{
var sniDictionary = new Dictionary <string, SniConfig>(0, StringComparer.OrdinalIgnoreCase);
foreach (var sniChild in sniConfig.GetChildren())
{
// "Sni": {
// "a.example.org": {
// "Protocols": "Http1",
// "SslProtocols": [ "Tls11", "Tls12", "Tls13"],
// "Certificate": {
// "Path": "testCertA.pfx",
// "Password": "******"
// },
// "ClientCertificateMode" : "NoCertificate"
// },
// "*.example.org": {
// "Certificate": {
// "Path": "testCertWildcard.pfx",
// "Password": "******"
// }
// }
// // The following should work once https://github.com/dotnet/runtime/issues/40218 is resolved
// "*": {}
// }
if (string.IsNullOrEmpty(sniChild.Key))
{
throw new InvalidOperationException(CoreStrings.FormatSniNameCannotBeEmpty(endpointName));
}
var sni = new SniConfig
{
Certificate = new CertificateConfig(sniChild.GetSection(CertificateKey)),
Protocols = ParseProtocols(sniChild[ProtocolsKey]),
SslProtocols = ParseSslProcotols(sniChild.GetSection(SslProtocolsKey)),
ClientCertificateMode = ParseClientCertificateMode(sniChild[ClientCertificateModeKey])
};
sniDictionary.Add(sniChild.Key, sni);
}
return(sniDictionary);
}
