protected Task InitializeServerCerts()
{
if (string.IsNullOrEmpty(this.certificateFileName))
{
return(Task.CompletedTask);
}
// Since Windows will pop up security warning when add certificate to current user store location;
// Therefore we will use CustomCertificateValidator instead.
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
// This will hook up callback on device transport settings to validate with given certificate
CustomCertificateValidator.Create(new List <X509Certificate2> {
this.GetCertificate()
}, this.deviceTransportSettings);
}
else
{
var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite);
store.Add(this.GetCertificate());
store.Close();
}
return(Task.CompletedTask);
}
protected Task InitializeTrustedCertsAsync()
{
if (!string.IsNullOrEmpty(this.trustedCACertificateFileName))
{
// Since Windows will pop up security warning when add certificate to current user store location;
// Therefore we will use CustomCertificateValidator instead.
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
// This will hook up callback on device transport settings to validate with given certificate
CustomCertificateValidator.Create(new List <X509Certificate2> {
this.GetTrustedCertificate()
}, this.deviceTransportSettings);
}
else
{
InstallTrustedCACerts(new List <X509Certificate2> {
this.GetTrustedCertificate()
});
}
}
// for dotnet runtime, in order to provide the entire client certificate chain when
// authenticating with a server it is required that these chain CA certificates
// are installed as trusted CAs.
this.clientCertificateChain.ForEach(certs => InstallTrustedCACerts(certs));
return(Task.CompletedTask);
}
public static CustomCertificateValidator Create(
IList <X509Certificate2> certs,
ITransportSettings[] transportSettings)
{
var instance = new CustomCertificateValidator(certs, transportSettings);
instance.SetupCertificateValidation();
return(instance);
}