add certificate provider #34
Conversation
|
|
||
| public CertificateState Ensure { get; set; } | ||
|
|
||
| public string Thumbprint { get; set; } = string.Empty; |
There was a problem hiding this comment.
Not sure if I understand completely, but shouldn't this be nullable?
|
@jetersen Sorry for taking so long to get around to this. |
@patriksvensson No worries at all. |
jetersen
force-pushed
the
add/certificateProvider
branch
from
b43fc29 to
b9d2a00
Compare
|
@patriksvensson To add further testing would require changes to the ci.yaml to test on Windows as well 🤔 |
It's OK. Do you feel happy with the PR? In that case I can merge it now and we can fix tests later. |
|
Ya the PR implementation has the features I had had in mind. Should allow for fetching certificates for multiple use cases. So if you're happy with the code and naming. Feel free to merge. |
Thought it might be useful to have an certificate provider 😁
Some improvements would be to create our own enum for store name as the symbol naming is not that great.🤷
Would be nice to have the option for HTTP client to disable certificate checks because of bad certificate chain as seen with the recent DST Root CA X3 cert expiration 😅Done
I could foresee it get somewhat complicated with password and etc but should be doable, this was an initial attempt at making sure root certificate could get patched.Done
We have some systems that do not have general internet access.
Could potentially also be a separate nuget package if you feel it adds too much.
Haven't gotten around to tests, would like to pick your brain on how we could test the functionality.
Perhaps creating an interface for the certificate store so it could be mocked? As it often requires administrator.