/// <summary>
/// Loads the certificate at <paramref name="certificatePath"/> and attaches the private key read from the
/// PEM key file named by the configuration.
/// </summary>
/// <param name="certificateConfig">Supplies <c>KeyPath</c> and the optional key <c>Password</c>.</param>
/// <param name="certificatePath">Certificate file path, already resolved by the caller.</param>
/// <returns>
/// The certificate returned by <c>LoadCertificateKey</c>; on Windows it is first passed through <c>PersistKey</c>.
/// </returns>
/// <remarks>
/// <c>Path.Combine</c> returns a rooted <c>KeyPath</c> unchanged and does not collapse <c>..</c> segments, so the
/// key file is not confined to the content root. The configuration that supplies it has to be trusted input.
/// </remarks>
private X509Certificate2 LoadPEMCertificate(CertificateConfigData certificateConfig, string certificatePath)
{
    var keyFilePath = Path.Combine(_hostEnvironment.ContentRootPath, certificateConfig.KeyPath);

    var publicCertificate = GetCertificate(certificatePath);
    if (publicCertificate == null)
    {
        // NOTE(review): a certificate that could not be read is reported through the key-loading
        // exception helper, so the error names the key path rather than the certificate path.
        throw GetFailedToLoadCertificateKeyException(keyFilePath);
    }

    var certificateWithKey = LoadCertificateKey(publicCertificate, keyFilePath, certificateConfig.Password);
    if (certificateWithKey == null)
    {
        throw GetFailedToLoadCertificateKeyException(keyFilePath);
    }

    if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
    {
        // NOTE(review): PersistKey is defined elsewhere; confirm where the private key material
        // ends up stored on Windows and who can read it.
        return PersistKey(certificateWithKey);
    }

    return certificateWithKey;
}
/// <summary>
/// Pairing a certificate with a key file that belongs to a different key must be rejected with an
/// <see cref="ArgumentException"/> rather than producing a certificate with the wrong private key.
/// </summary>
public void LoadCertificate_PemKeyDoesntMatchTheCertificateKey_Throws()
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    // Certificate and key come from different fixtures on purpose.
    var mismatchedConfig = new CertificateConfigData
    {
        Path = TestResources.GetCertPath("https-aspnet.crt"),
        KeyPath = TestResources.GetCertPath("https-ecdsa.key")
    };

    Assert.Throws<ArgumentException>(() => configLoader.LoadCertificate(mismatchedConfig));
}
/// <summary>
/// A PEM certificate and key are configured but no password is supplied; loading must fail with an
/// <see cref="ArgumentException"/>.
/// </summary>
public void LoadCertificate_PemPathAndKeySpecifiedButPasswordIsMissing_Throws()
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    // Password is deliberately left unset.
    // NOTE(review): the test name implies https-aspnet.key is password-protected; confirm against the fixture.
    var configWithoutPassword = new CertificateConfigData
    {
        Path = TestResources.GetCertPath("https-aspnet.crt"),
        KeyPath = TestResources.GetCertPath("https-aspnet.key")
    };

    Assert.Throws<ArgumentException>(() => configLoader.LoadCertificate(configWithoutPassword));
}
/// <summary>
/// Opening a PFX with the wrong password must surface a <see cref="CryptographicException"/>
/// (or a type derived from it) instead of returning a certificate.
/// </summary>
public void LoadCertificate_PfxPasswordIsNotCorrect_Throws()
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    // No KeyPath is set, so the loader takes the PFX route.
    var wrongPasswordConfig = new CertificateConfigData
    {
        Path = TestResources.GetCertPath("aspnetdevcert.pfx"),
        Password = "******"
    };

    Assert.ThrowsAny<CryptographicException>(() => configLoader.LoadCertificate(wrongPasswordConfig));
}
/// <summary>
/// Supplying the wrong password for a PEM key file must surface a <see cref="CryptographicException"/>
/// (or a type derived from it).
/// </summary>
public void LoadCertificate_PemPasswordIsIncorrect_Throws()
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    // KeyPath is set, so the loader takes the PEM route and applies the password to the key file.
    var wrongPasswordConfig = new CertificateConfigData
    {
        Path = TestResources.GetCertPath("https-aspnet.crt"),
        KeyPath = TestResources.GetCertPath("https-aspnet.key"),
        Password = "******"
    };

    Assert.ThrowsAny<CryptographicException>(() => configLoader.LoadCertificate(wrongPasswordConfig));
}
/// <summary>
/// A PFX file with its password loads successfully and yields the expected development certificate,
/// identified by serial number.
/// </summary>
public void LoadCertificate_PfxPathAndPasswordSpecified_Success()
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    // NOTE(review): this literal is identical to the one in the wrong-password PFX test, so the
    // password values look masked in this listing; take the real value from the test fixture.
    var pfxConfig = new CertificateConfigData
    {
        Path = TestResources.GetCertPath("aspnetdevcert.pfx"),
        Password = "******"
    };

    var loaded = configLoader.LoadCertificate(pfxConfig);

    Assert.NotNull(loaded);
    // Pin the serial number so a different certificate loading "successfully" still fails the test.
    Assert.Equal("7E2467E85A9FA8824F6A37469334AD1C", loaded.SerialNumber);
}
/// <summary>
/// Loads a PEM certificate/key pair and checks that the resulting certificate has the expected serial number.
/// </summary>
/// <param name="certificateFile">Certificate fixture file name.</param>
/// <param name="certificateKey">Key fixture file name.</param>
/// <param name="password">Password assigned to the configuration for the key file.</param>
/// <param name="expectedSN">Serial number the loaded certificate must report.</param>
public void LoadCertificate_PemLoadCertificate_Success(string certificateFile, string certificateKey, string password, string expectedSN)
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    var pemConfig = new CertificateConfigData
    {
        Path = TestResources.GetCertPath(certificateFile),
        KeyPath = TestResources.GetCertPath(certificateKey),
        Password = password
    };

    var loaded = configLoader.LoadCertificate(pemConfig);

    Assert.Equal(expectedSN, loaded.SerialNumber);
}
/// <summary>
/// A PFX path that does not exist must make loading fail. The expected exception type differs by platform:
/// <see cref="FileNotFoundException"/> on macOS, <see cref="CryptographicException"/> elsewhere.
/// </summary>
public void LoadCertificate_PfxFileNotFound_Throws()
{
    var configLoader = new CertificateConfigLoader(GetHostEnvironment());

    var missingFileConfig = new CertificateConfigData
    {
        Path = TestResources.GetCertPath("missingfile.pfx"),
        Password = "******"
    };

    if (!RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
    {
        // Outside macOS the missing file is reported as a cryptographic failure.
        Assert.ThrowsAny<CryptographicException>(() => configLoader.LoadCertificate(missingFileConfig));
        return;
    }

    Assert.ThrowsAny<FileNotFoundException>(() => configLoader.LoadCertificate(missingFileConfig));
}
/// <inheritdoc/>
/// <remarks>
/// Returns <c>null</c> when <paramref name="certificateConfig"/> is <c>null</c>. Throws
/// <see cref="InvalidOperationException"/> when both a file and a store source are configured, and
/// <see cref="ArgumentException"/> when neither is. File paths are joined to the content root with
/// <c>Path.Combine</c>, which returns a rooted path unchanged and does not collapse <c>..</c> segments,
/// so the configured paths are not confined to the content root; the configuration has to be trusted input.
/// </remarks>
public X509Certificate2 LoadCertificate(CertificateConfigData certificateConfig)
{
    // No configuration means no certificate; callers have to handle the null result.
    if (certificateConfig is null)
    {
        return null;
    }

    // Refuse ambiguous configuration instead of silently preferring one source.
    if (certificateConfig.IsFileCert && certificateConfig.IsStoreCert)
    {
        throw new InvalidOperationException($"Multiple certificate sources are defined in the cluster configuration.");
    }

    if (!certificateConfig.IsFileCert)
    {
        if (certificateConfig.IsStoreCert)
        {
            return LoadFromCertStore(certificateConfig);
        }

        throw new ArgumentException($"Passed {nameof(CertificateConfigData)} doesn't define a certificate in any known format.");
    }

    var certificatePath = Path.Combine(_hostEnvironment.ContentRootPath, certificateConfig.Path);

    // Without a separate key file the certificate file is opened directly with the configured password.
    if (certificateConfig.KeyPath == null)
    {
        return new X509Certificate2(certificatePath, certificateConfig.Password);
    }

    // A separate key file means PEM, which is only wired up for the .NET 5 target.
#if NETCOREAPP5_0
    return LoadPEMCertificate(certificateConfig, certificatePath);
#elif NETCOREAPP3_1
    throw new NotSupportedException("PEM certificate format is only supported on .NET 5 or higher.");
#else
#error A target framework was added to the project and needs to be added to this condition.
#endif
}