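/// <summary>
/// Fetches the certificate stored under <paramref name="arn"/> from AWS Certificate Manager
/// and reports whether its issuer name equals the expected issuer.
/// The ARN is stored in appsettings.json.
/// </summary>
/// <remarks>
/// NOTE(review): the result is decided by the ACM certificate alone.
/// <paramref name="clientCertificate"/> is only checked for null; it is never compared
/// with the ACM certificate (for example by thumbprint or raw bytes) and no chain is built
/// for it. A <c>true</c> result therefore says nothing about the certificate a peer presented.
/// Confirm the intended check with the caller before relying on this for authentication.
/// </remarks>
/// <param name="clientCertificate">Certificate supplied by the caller; must not be null.</param>
/// <param name="arn">ARN of the ACM certificate to fetch; must not be null or blank.</param>
/// <returns>
/// <c>true</c> when the ACM certificate's issuer name matches the expected value;
/// <c>false</c> when it does not, when an argument is missing, or when any step throws.
/// </returns>
public bool ValidateCertificate(X509Certificate2 clientCertificate, string arn)
{
    bool validCert = false;
    try
    {
        Log.Information("Before Validate Certificate");

        // Fail closed: without a presented certificate or an ARN there is nothing to validate.
        if (clientCertificate == null || string.IsNullOrWhiteSpace(arn))
        {
            Log.Error("Error in Validate Certificate: missing client certificate or ARN");
            return false;
        }

        // The ACM client and the parsed certificate are disposable; release them deterministically.
        using (var client = new AmazonCertificateManagerClient())
        {
            // GetAwaiter().GetResult() rethrows the original exception instead of an
            // AggregateException, so the message logged below names the real failure.
            var certificates = client.GetCertificateAsync(arn).GetAwaiter().GetResult();

            byte[] toBytes = Encoding.ASCII.GetBytes(certificates.Certificate);
            using (var cert = new X509Certificate2(toBytes))
            {
                // The original built an HttpClientHandler/HttpClient here, attached the
                // certificate and then never used or disposed them; that dead code is removed.

                // The real issuer name was replaced with a placeholder by the author.
                if (cert.IssuerName.Name == "Dummy Issues Name")
                {
                    validCert = true;
                    Log.Information("Valid Certificate Found!");
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Any failure (ACM call, PEM parsing) is treated as "not valid".
        Log.Error("Error in Validate Certificate: " + ex.Message);
    }

    return validCert;
}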
/// <summary>
/// Requests the certificate identified by <paramref name="arn"/> through the wrapped client.
/// </summary>
/// <param name="arn">ARN placed in the request's <c>CertificateArn</c> field.</param>
/// <param name="cancellationToken">Token forwarded to the underlying client call.</param>
/// <returns>
/// The task produced by <c>EnsureSuccessAsync()</c> on the client call.
/// NOTE(review): presumably faults on a non-success response; the helper is defined elsewhere, so confirm.
/// </returns>
public Task<GetCertificateResponse> GetCertificateAsync(string arn, CancellationToken cancellationToken = default(CancellationToken))
{
    var request = new GetCertificateRequest
    {
        CertificateArn = arn
    };

    var pending = _client.GetCertificateAsync(request, cancellationToken);
    return pending.EnsureSuccessAsync();
}