public void LoadCertificate_PfxFileNotFound_Throws() { var loader = new CertificateConfigLoader(GetHostEnvironment()); var options = new CertificateConfigData { Path = TestResources.GetCertPath("missingfile.pfx"), Password = "******" }; if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { Assert.ThrowsAny <FileNotFoundException>(() => loader.LoadCertificate(options)); } else { Assert.ThrowsAny <CryptographicException>(() => loader.LoadCertificate(options)); } }
public void ThrowsForCertificatesMissingServerEku(string testCertName) { var certPath = TestResources.GetCertPath(testCertName); TestOutputHelper.WriteLine("Loading " + certPath); var cert = new X509Certificate2(certPath, "testPassword"); Assert.NotEmpty(cert.Extensions); var eku = Assert.Single(cert.Extensions.OfType <X509EnhancedKeyUsageExtension>()); Assert.NotEmpty(eku.EnhancedKeyUsages); var ex = Assert.Throws <InvalidOperationException>(() => new HttpsConnectionAdapter(new HttpsConnectionAdapterOptions { ServerCertificate = cert, })); Assert.Equal(CoreStrings.FormatInvalidServerCertificateEku(cert.Thumbprint), ex.Message); }
public void ConfigureEndpoint_ThrowsWhen_The_PasswordIsMissing() { var serverOptions = CreateServerOptions(); var certificate = new X509Certificate2(TestResources.GetCertPath("https-aspnet.crt")); var config = new ConfigurationBuilder().AddInMemoryCollection(new[] { new KeyValuePair <string, string>("Endpoints:End1:Url", "https://*:5001"), new KeyValuePair <string, string>("Certificates:Default:Path", Path.Combine("shared", "TestCertificates", "https-aspnet.crt")), new KeyValuePair <string, string>("Certificates:Default:KeyPath", Path.Combine("shared", "TestCertificates", "https-aspnet.key")) }).Build(); var ex = Assert.Throws <ArgumentException>(() => { serverOptions .Configure(config) .Endpoint("End1", opt => { Assert.True(opt.IsHttps); }).Load(); }); }
public void FallsBackToHttpsConnectionAdapterCertificate() { var sniDictionary = new Dictionary <string, SniConfig> { { "www.example.org", new SniConfig() } }; var fallbackOptions = new HttpsConnectionAdapterOptions { ServerCertificate = new X509Certificate2(TestResources.GetCertPath("aspnetdevcert.pfx"), "testPassword") }; var sniOptionsSelector = new SniOptionsSelector( "TestEndpointName", sniDictionary, new MockCertificateConfigLoader(), fallbackOptions, fallbackHttpProtocols: HttpProtocols.Http1AndHttp2, logger: Mock.Of <ILogger <HttpsConnectionMiddleware> >()); var(options, _) = sniOptionsSelector.GetOptions(new MockConnectionContext(), "www.example.org"); Assert.Same(fallbackOptions.ServerCertificate, options.ServerCertificate); }
public void ConfigureEndpointDevelopmentCertificateGetsLoadedWhenPresent() { try { var serverOptions = CreateServerOptions(); var certificate = new X509Certificate2(TestResources.GetCertPath("aspnetdevcert.pfx"), "aspnetdevcert", X509KeyStorageFlags.Exportable); var bytes = certificate.Export(X509ContentType.Pkcs12, "1234"); var path = GetCertificatePath(); Directory.CreateDirectory(Path.GetDirectoryName(path)); File.WriteAllBytes(path, bytes); var ran1 = false; var config = new ConfigurationBuilder().AddInMemoryCollection(new[] { new KeyValuePair <string, string>("Endpoints:End1:Url", "https://*:5001"), new KeyValuePair <string, string>("Certificates:Development:Password", "1234"), }).Build(); serverOptions .Configure(config) .Endpoint("End1", opt => { ran1 = true; Assert.True(opt.IsHttps); Assert.Equal(opt.HttpsOptions.ServerCertificate.SerialNumber, certificate.SerialNumber); }).Load(); Assert.True(ran1); Assert.NotNull(serverOptions.DefaultCertificate); } finally { if (File.Exists(GetCertificatePath())) { File.Delete(GetCertificatePath()); } } }