X509Certificate2

Configuration\DashboardOptions.cs (1)

338_serverCertificate = new X509Certificate2(data);

ResourceService\DashboardClient.cs (1)

181return [new X509Certificate2(filePath, password)];

tests\Shared\Telemetry\TelemetryTestHelpers.cs (1)

340return new X509Certificate2(certificate.Export(X509ContentType.Pfx));

tests\Shared\Telemetry\TelemetryTestHelpers.cs (1)

340return new X509Certificate2(certificate.Export(X509ContentType.Pfx));

tests\Shared\TestCertificateLoader.cs (1)

36return new X509Certificate2(GetCertPath(certName), password);

ServiceHelper.cs (1)

64foundCert = new X509Certificate2(cert);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

FrameworkFork\System.ServiceModel\System\IdentityModel\Claims\X509CertificateClaimSet.cs (2)

34_certificate = clone ? new X509Certificate2(certificate.Handle) : certificate; 512_certificate = clone ? new X509Certificate2(certificate.Handle) : certificate;

FrameworkFork\System.ServiceModel\System\IdentityModel\Selectors\X509SecurityTokenProvider.cs (2)

24_certificate = new X509Certificate2(certificate.Handle); 49_certificate = new X509Certificate2(certificates[0].Handle);

FrameworkFork\System.ServiceModel\System\IdentityModel\Tokens\X509SecurityToken.cs (1)

56_certificate = clone ? new X509Certificate2(certificate.Handle) : certificate;

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (3)

266_serverCertificate = new X509Certificate2(x509Token.Certificate.Handle); 402X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle); 640X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle);

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\SecurityUtils.cs (2)

859certificate = (rawData == null || rawData.Length == 0) ? null : new X509Certificate2(rawData); 915return new X509Certificate2(certs[0].Handle);

FrameworkFork\System.ServiceModel\System\ServiceModel\X509CertificateEndpointIdentity.cs (1)

59X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(reader.ReadElementString()));

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

Program.cs (1)

405cert = new X509Certificate2(cert.Export(X509ContentType.Pfx));

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (1)

56imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (1)

56imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (1)

56imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (1)

56imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (1)

56imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (1)

56imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

CertificateManager.cs (1)

151var publicOnly = new X509Certificate2(certificate.RawData);

ServiceUtilHelper.cs (5)

151X509Certificate2 rootCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(RootCertificateResource)); 157return new X509Certificate2(await GetResourceFromServiceAsByteArrayAsync(MachineCertificateResource)); 362X509Certificate2 clientCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(ClientCertificateResource), "test", storageFlags); 371X509Certificate2 peerCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(PeerCertificateResource), "test", X509KeyStorageFlags.DefaultKeySet); 380X509Certificate2 peerCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(PeerCertificateResource), "test", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.UserKeySet);

CertificateLoaderTests.cs (4)

21var cert = new X509Certificate2(certPath, "testPassword"); 34var cert = new X509Certificate2(certPath, "testPassword"); 49var cert = new X509Certificate2(certPath, "testPassword"); 64var cert = new X509Certificate2(certPath, "testPassword");

HttpsConnectionMiddlewareTests.cs (4)

1311var cert = new X509Certificate2(certPath, "testPassword"); 1324var cert = new X509Certificate2(certPath, "testPassword"); 1343var cert = new X509Certificate2(certPath, "testPassword"); 1364var cert = new X509Certificate2(certPath, "testPassword");

HttpsTests.cs (1)

376o.ServerCertificate = new X509Certificate2(_x509Certificate2);

src\Servers\Kestrel\shared\test\CertHelper.cs (1)

165endEntity = new X509Certificate2(endEntity.Export(X509ContentType.Pfx), (string?)null, X509KeyStorageFlags.Exportable);

src\Servers\Kestrel\shared\test\CertificateAuthority.cs (1)

129return new X509Certificate2(_cert.RawData);

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

Http3\Http3TlsTests.cs (1)

433var expectedCertificate = new X509Certificate2(TestResources.GetCertPath("aspnetdevcert.pfx"), "testPassword", X509KeyStorageFlags.Exportable);

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

InteropClient.cs (1)

165var cert = new X509Certificate2(certData!);

DataProtectionProviderTests.cs (7)

122using (var imported = new X509Certificate2(filePath, "password", X509KeyStorageFlags.Exportable)) 148var certWithoutKey = new X509Certificate2(Path.Combine(GetTestFilesPath(), "TestCertWithoutPrivateKey.pfx"), "password"); 176var certWithoutKey = new X509Certificate2(Path.Combine(GetTestFilesPath(), "TestCert3WithoutPrivateKey.pfx"), "password3", X509KeyStorageFlags.Exportable); 193var certWithKey = new X509Certificate2(Path.Combine(GetTestFilesPath(), "TestCert3.pfx"), "password3"); 217var certificate = new X509Certificate2(filePath, "password"); 246var certificate = new X509Certificate2(filePath, "password"); 288var certificate = new X509Certificate2(filePath, "password");

XmlEncryption\EncryptedXmlDecryptorTests.cs (7)

18var testCert1 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 32var testCert1 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 33var testCert2 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert2.pfx"), "password"); 50var fullCert = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 51var publicKeyOnly = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.PublicKeyOnly.cer"), ""); 68var testCert1 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 69var testCert2 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert2.pfx"), "password");

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

CertificateManagerTests.cs (3)

52var exportedCertificate = new X509Certificate2(File.ReadAllBytes(CertificateName)); 151var exportedCertificate = new X509Certificate2(File.ReadAllBytes(CertificateName), certificatePassword); 218var exportedCertificate = new X509Certificate2(CertificateName);

RequestDelegateGenerator\RequestDelegateCreationTests.Forms.cs (1)

497var clientCertificate = new X509Certificate2();

CertificateForwardingOptions.cs (1)

27public Func<string, X509Certificate2> HeaderConverter = (headerValue) => new X509Certificate2(Convert.FromBase64String(headerValue));

RequestProcessing\ClientCertLoader.cs (1)

280asyncResult.Complete((int)pClientCertInfo->CertFlags, new X509Certificate2(certEncoded));

src\Shared\HttpSys\RequestProcessing\NativeRequestContext.cs (1)

822return new X509Certificate2(certEncoded);

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

Core\IISHttpContext.FeatureCollection.cs (1)

396_certificate = new X509Certificate2(rawCertificateCopy);

src\Shared\HttpSys\RequestProcessing\NativeRequestContext.cs (1)

822return new X509Certificate2(certEncoded);

ForwardedTlsConnectionFeature.cs (1)

32_certificate = new X509Certificate2(bytes);

Internal\Certificates\CertificateConfigLoader.cs (3)

74return (new X509Certificate2(Path.Combine(HostEnvironment.ContentRootPath, certInfo.Path!), certInfo.Password), fullChain); 89return new X509Certificate2(certificateBytes, "", X509KeyStorageFlags.DefaultKeySet); 159return new X509Certificate2(certificatePath);

Internal\TlsConnectionFeature.cs (1)

128_ => new X509Certificate2(certificate),

ListenOptionsHttpsExtensions.cs (3)

39return listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName))); 53return listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName), password)); 68return listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName), password), configureOptions);

Middleware\HttpsConnectionMiddleware.cs (1)

505return new X509Certificate2(certificate);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

TlsConfigurationLoader.cs (1)

161var certificate = new X509Certificate2(certificatePath, certificateConfig.Password);

SniOptionsSelectorTests.cs (4)

474ServerCertificate = new X509Certificate2(Array.Empty<byte>()), 534ServerCertificate = new X509Certificate2(TestResources.GetCertPath("aspnetdevcert.pfx"), "testPassword") 561ServerCertificate = new X509Certificate2(Array.Empty<byte>()), 852ServerCertificate = new X509Certificate2(Array.Empty<byte>()),

src\Servers\Kestrel\shared\test\CertHelper.cs (1)

165endEntity = new X509Certificate2(endEntity.Export(X509ContentType.Pfx), (string?)null, X509KeyStorageFlags.Exportable);

src\Servers\Kestrel\shared\test\CertificateAuthority.cs (1)

129return new X509Certificate2(_cert.RawData);

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

HttpsConfigurationTests.cs (3)

28serverOptions.TestOverrideDefaultCertificate = new X509Certificate2(Path.Combine("shared", "TestCertificates", "aspnetdevcert.pfx"), "testPassword"); 193serverOptions.TestOverrideDefaultCertificate = new X509Certificate2(Path.Combine("shared", "TestCertificates", "aspnetdevcert.pfx"), "testPassword"); 222ServerCertificate = new X509Certificate2(Path.Combine("shared", "TestCertificates", "aspnetdevcert.pfx"), "testPassword"),

KestrelConfigurationLoaderTests.cs (16)

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

Internal\QuicConnectionContext.FeatureCollection.cs (1)

53_ => new X509Certificate2(certificate),

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

src\Shared\HttpSys\RequestProcessing\NativeRequestContext.cs (1)

822return new X509Certificate2(certEncoded);

src\SignalR\common\Shared\TestCertificates.cs (2)

36return new X509Certificate2(certPath, "testPassword"); 42return new X509Certificate2(certPath, "testPassword");

ManifestUtil\SecurityUtil.cs (1)

613using X509Certificate2 cert = new X509Certificate2(certPath, certPassword, X509KeyStorageFlags.PersistKeySet);

SecurityUtil_Tests.cs (1)

53var certificate = new X509Certificate2(pathToCertificate);

Verification\VsixVerifier.cs (2)

92X509Certificate2 certificate = new X509Certificate2(packageSignature.Signer); 153X509Certificate2 certificate = new X509Certificate2(packageSignature.Signer);

src\VerifySignatures.cs (1)

222certificate = new X509Certificate2(signer);

src\SignalR\common\Shared\TestCertificates.cs (2)

36return new X509Certificate2(certPath, "testPassword"); 42return new X509Certificate2(certPath, "testPassword");

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

src\Shared\TestResources.cs (3)

31return new X509Certificate2(GetCertPath(certName), "testPassword"); 41return new X509Certificate2(GetCertPath(certName), password); 51return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));

System\Net\Quic\QuicConnection.SslConnectionOptions.cs (1)

88certificate = new X509Certificate2(certificatePtr);

System\Net\CertificateValidationPal.Unix.cs (2)

47result = new X509Certificate2(remoteCertificate); 71X509Certificate2 chainCert = new X509Certificate2(certPtr);

System\Net\Security\SslStream.Protocol.cs (1)

291certificateEx = new X509Certificate2(certificate);

System\Net\Security\SslStreamCertificateContext.cs (1)

172return new SslStreamCertificateContext(new X509Certificate2(TargetCertificate), IntermediateCertificates, Trust);

System\Net\Security\SslStreamCertificateContext.Linux.cs (1)

53_privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]);

System\Security\Cryptography\X509Certificates\CertCollectionLoader.cs (1)

35collection.Add(new X509Certificate2(certPal));

System\Security\Cryptography\X509Certificates\DSACertificateExtensions.cs (1)

59return new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\ECDsaCertificateExtensions.cs (1)

50return new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\OpenSslCachedSystemStoreProvider.cs (2)

61X509Certificate2 clone = new X509Certificate2(Interop.Crypto.GetX509StackField(nativeColl, i)); 242X509Certificate2 cert = new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\OpenSslCertificateAssetDownloader.cs (1)

37certificate = new X509Certificate2(data);

System\Security\Cryptography\X509Certificates\OpenSslCertificateFinder.cs (1)

28return new X509Certificate2(certPal.DuplicateHandles());

System\Security\Cryptography\X509Certificates\OpenSslDirectoryBasedStoreProvider.cs (2)

144using (X509Certificate2 copy = new X509Certificate2(cert.DuplicateHandles())) 232using (X509Certificate2 copy = new X509Certificate2(cert.DuplicateHandles()))

System\Security\Cryptography\X509Certificates\OpenSslSingleCertLoader.cs (1)

31collection.Add(new X509Certificate2(localCert));

System\Security\Cryptography\X509Certificates\OpenSslX509ChainProcessor.cs (1)

892X509Certificate2 elementCert = new X509Certificate2(elementCertPtr);

System\Security\Cryptography\X509Certificates\RSACertificateExtensions.cs (1)

54return new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\X509Certificate2.cs (5)

779return new X509Certificate2(pal); 878return new X509Certificate2(pal); 982return new X509Certificate2(pal); 1074return new X509Certificate2(pal); 1435/// For PEM-encoded certificates in a file, use <see cref="X509Certificate2(string)" />.

System\Security\Cryptography\X509Certificates\X509CertificateLoader.netcore.cs (3)

27return new X509Certificate2(pal); 36return new X509Certificate2(pal); 142return new X509Certificate2(_pal);

Internal\Cryptography\PkcsHelpers.cs (1)

135X509Certificate2 certCopy = new X509Certificate2(originalCert.Handle);

System\Security\Cryptography\Xml\KeyInfoX509Data.cs (3)

38new X509Certificate2((byte[])null!) : 54X509Certificate2 certificate = new X509Certificate2(cert); 116X509Certificate2 x509 = new X509Certificate2(certificate);

ServiceModel\BasicHttpsBindingTest.cs (1)

75var certificate = new X509Certificate2(certificateBytes);

System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (2)

191ServerCertificate = new X509Certificate2(x509Token.Certificate); 406X509Certificate2 certificate2 = new X509Certificate2(certificate);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\CertificateManager.cs (1)

457certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

156certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

Program.cs (1)

195cert = new(crt.Export(X509ContentType.Pfx));

Program.cs (1)

81cert = new(crt.Export(X509ContentType.Pfx));

Program.cs (1)

57return new X509Certificate2(certificatePayload, "testPassword");

Configuration\DashboardOptions.cs (2)

312private X509Certificate2? _serverCertificate; 319public X509Certificate2? GetServerCertificate() => _serverCertificate;

Model\DebugSessionHelpers.cs (2)

13public static HttpClient CreateHttpClient(Uri? debugSessionUri, string? token, X509Certificate2? cert, Func<HttpClientHandler, HttpMessageHandler>? createHandler) 59out X509Certificate2? serverCert,

Telemetry\DashboardTelemetrySender.cs (1)

117if (DebugSessionHelpers.HasDebugSession(_options.Value.DebugSession, out var certificate, out var debugSessionUri, out var token))

tests\Shared\Telemetry\TelemetryTestHelpers.cs (2)

327public static X509Certificate2 GenerateDummyCertificate() 336var certificate = request.CreateSelfSigned(

Integration\IntegrationTestHelpers.cs (6)

24private static readonly X509Certificate2 s_testCertificate = TestCertificateLoader.GetTestCertificate(); 114Action<X509Certificate2?>? validationCallback = null, 123validationCallback?.Invoke((X509Certificate2)cert!); 139Action<X509Certificate2?>? validationCallback = null, 155Action<X509Certificate2?>? validationCallback = null, 184validationCallback?.Invoke((X509Certificate2)cert!);

Integration\OtlpGrpcServiceTests.cs (5)

239X509Certificate2? clientCallbackCert = null; 313var clientCertificate = TestCertificateLoader.GetTestCertificate("eku.client.pfx"); 332var clientCertificate = TestCertificateLoader.GetTestCertificate("eku.client.pfx"); 333X509Certificate2? clientCallbackCert = null; 372X509Certificate2? clientCallbackCert = null;

Integration\OtlpHttpServiceTests.cs (1)

187X509Certificate2? clientCallbackCert = null;

Integration\StartupTests.cs (2)

273var testCert = TelemetryTestHelpers.GenerateDummyCertificate(); 290var cert = app.DashboardOptionsMonitor.CurrentValue.DebugSession.GetServerCertificate();

tests\Shared\Telemetry\TelemetryTestHelpers.cs (2)

327public static X509Certificate2 GenerateDummyCertificate() 336var certificate = request.CreateSelfSigned(

tests\Shared\TestCertificateLoader.cs (2)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 25public static X509Certificate2 GetTestCertificate(string certName, string password)

ServiceHelper.cs (4)

46public static X509Certificate2 GetServiceCertificate() 49X509Certificate2 foundCert = null; 57foreach (var cert in certificates) 75foreach (var cert in certificates)

UDSBindingTests.cs (1)

113var cert = ServiceHelper.GetServiceCertificate();

Program.cs (1)

26var serverCertificate = CertificateLoader.LoadFromStoreCert(

ExpectedExceptionTests.4.0.0.cs (1)

399public override void Validate(X509Certificate2 certificate)

GeneratorTests.cs (1)

455MetadataReference.CreateFromFile(typeof(X509Certificate2).Assembly.Location)

Program.cs (6)

304var validCertificates = new List<X509Certificate2>(); 312foreach (var certificate in certificates) 353private static void ReportCertificates(IReporter reporter, IReadOnlyList<X509Certificate2> certificates, string certificateState) 380foreach (var certificate in certificates) 505public static CertificateReport FromX509Certificate2(X509Certificate2 cert) 532static List<string> GetSanExtension(X509Certificate2 cert)

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

CmdCredentialsProvider.cs (6)

81foreach (X509Certificate2 certificate in certificateStore.Certificates) 131X509Certificate2 cert = null; 141private X509Certificate2 SelectCertificateFromCollection(X509Certificate2Collection selectedCerts, Uri serviceUri) 149var candidateCerts = new List<X509Certificate2>(); 151foreach (var cert in selectedCerts) 171var selectedCert = candidateCerts[idx - 1];

FrameworkFork\System.ServiceModel\System\IdentityModel\Claims\X509CertificateClaimSet.cs (8)

16private X509Certificate2 _certificate; 25public X509CertificateClaimSet(X509Certificate2 certificate) 30internal X509CertificateClaimSet(X509Certificate2 certificate, bool clone) 122public X509Certificate2 X509Certificate 299private static string[] GetDnsFromExtensions(X509Certificate2 cert) 493private X509Certificate2 _certificate; 498public X509Identity(X509Certificate2 certificate) 509internal X509Identity(X509Certificate2 certificate, bool clone, bool disposable)

FrameworkFork\System.ServiceModel\System\IdentityModel\SecurityUtils.cs (3)

286internal static string GetCertificateId(X509Certificate2 certificate) 293internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate) 385internal static void ResetCertificate(X509Certificate2 certificate)

FrameworkFork\System.ServiceModel\System\IdentityModel\Selectors\X509CertificateValidator.cs (3)

45public abstract void Validate(X509Certificate2 certificate); 49public override void Validate(X509Certificate2 certificate) 76public override void Validate(X509Certificate2 certificate)

FrameworkFork\System.ServiceModel\System\IdentityModel\Selectors\X509SecurityTokenProvider.cs (3)

15private X509Certificate2 _certificate; 17public X509SecurityTokenProvider(X509Certificate2 certificate) 58public X509Certificate2 Certificate

FrameworkFork\System.ServiceModel\System\IdentityModel\Tokens\X509SecurityToken.cs (8)

15private X509Certificate2 _certificate; 22public X509SecurityToken(X509Certificate2 certificate) 27public X509SecurityToken(X509Certificate2 certificate, string id) 32internal X509SecurityToken(X509Certificate2 certificate, bool clone) 37internal X509SecurityToken(X509Certificate2 certificate, bool clone, bool disposable) 42internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone) 47internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone, bool disposable) 104public X509Certificate2 Certificate

FrameworkFork\System.ServiceModel\System\IdentityModel\Tokens\X509WindowsSecurityToken.cs (5)

17public X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity) 22public X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string id) 27public X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string authenticationType, string id) 32internal X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string authenticationType, bool clone) 37internal X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string authenticationType, string id, bool clone)

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\ClientWebSocketTransportDuplexSessionChannel.cs (2)

81X509Certificate2 clientCertificate = null; 190private async Task<WebSocket> CreateWebSocketWithFactoryAsync(X509Certificate2 certificate, TimeoutHelper timeoutHelper)

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\HttpsChannelFactory.cs (2)

23private Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> _remoteCertificateValidationCallback; 186private bool RemoteCertificateValidationCallback(HttpRequestMessage sender, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\ServiceModelHttpMessageHandler.CoreClr.cs (1)

72public Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool>

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (5)

31private X509Certificate2 _serverCertificate; 108public X509Certificate2 ServerCertificate 312private X509Certificate2 _clientCertificate = null; 402X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle); 640X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle);

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\TransportSecurityHelpers.cs (5)

373private static Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> ChainValidator(Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> previousValidator) 380Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> chained = 393private static bool OnValidateServerCertificate(HttpRequestMessage request, X509Certificate2 certificate, X509Chain chain, 427private static void ValidateServerCertificate(X509Certificate2 certificate, string thumbprint)

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\SecurityUtils.cs (7)

597internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate) 857internal static bool TryCreateX509CertificateFromRawData(byte[] rawData, out X509Certificate2 certificate) 882internal static X509Certificate2 GetCertificateFromStore(StoreName storeName, StoreLocation storeLocation, 885X509Certificate2 certificate = GetCertificateFromStoreCore(storeName, storeLocation, findType, findValue, target, true); 893X509FindType findType, object findValue, EndpointAddress target, out X509Certificate2 certificate) 899private static X509Certificate2 GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, 1006internal static void ResetCertificate(X509Certificate2 certificate)

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\WSSecurityJan2004.cs (1)

485X509Certificate2 certificate;

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\X509CertificateInitiatorClientCredential.cs (2)

15private X509Certificate2 _certificate; 29public X509Certificate2 Certificate

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\X509CertificateRecipientClientCredential.cs (7)

19private X509Certificate2 _defaultCertificate; 20private Dictionary<Uri, X509Certificate2> _scopedCertificates; 26_scopedCertificates = new Dictionary<Uri, X509Certificate2>(); 38_scopedCertificates = new Dictionary<Uri, X509Certificate2>(); 46public X509Certificate2 DefaultCertificate 59public Dictionary<Uri, X509Certificate2> ScopedCertificates 127X509Certificate2 certificate = SecurityUtils.GetCertificateFromStore(storeName, storeLocation, findType, findValue, null);

FrameworkFork\System.ServiceModel\System\ServiceModel\X509CertificateEndpointIdentity.cs (3)

19public X509CertificateEndpointIdentity(X509Certificate2 certificate) 29public X509CertificateEndpointIdentity(X509Certificate2 primaryCertificate, X509Certificate2Collection supportingCertificates) 59X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(reader.ReadElementString()));

Program.cs (1)

27var cert = CertificateLoader.LoadFromStoreCert("localhost", StoreName.My.ToString(), StoreLocation.CurrentUser, false);

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

Program.cs (1)

402X509Certificate2 cert = certReq.CreateSelfSigned(DateTimeOffset.UtcNow.AddMonths(-1), DateTimeOffset.UtcNow.AddMonths(1));

src\Servers\IIS\IIS\test\Common.FunctionalTests\HttpsTests.cs (2)

79X509Certificate2 cert = null; 111foreach (var otherCert in store.Certificates)

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (5)

13private X509Certificate2 _certificate; 16public X509Certificate2 GetOrCreateCertificate() 50var parentCert = parentRequest.CreateSelfSigned(notBefore, notAfter); 53var imported = parentCert; 83var cert = store.Certificates[i];

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (5)

13private X509Certificate2 _certificate; 16public X509Certificate2 GetOrCreateCertificate() 50var parentCert = parentRequest.CreateSelfSigned(notBefore, notAfter); 53var imported = parentCert; 83var cert = store.Certificates[i];

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (5)

13private X509Certificate2 _certificate; 16public X509Certificate2 GetOrCreateCertificate() 50var parentCert = parentRequest.CreateSelfSigned(notBefore, notAfter); 53var imported = parentCert; 83var cert = store.Certificates[i];

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (5)

13private X509Certificate2 _certificate; 16public X509Certificate2 GetOrCreateCertificate() 50var parentCert = parentRequest.CreateSelfSigned(notBefore, notAfter); 53var imported = parentCert; 83var cert = store.Certificates[i];

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (5)

13private X509Certificate2 _certificate; 16public X509Certificate2 GetOrCreateCertificate() 50var parentCert = parentRequest.CreateSelfSigned(notBefore, notAfter); 53var imported = parentCert; 83var cert = store.Certificates[i];

src\Servers\IIS\IIS\test\Common.FunctionalTests\HttpsTests.cs (2)

79X509Certificate2 cert = null; 111foreach (var otherCert in store.Certificates)

src\Servers\IIS\IIS\test\Common.FunctionalTests\Infrastructure\ClientCertificateFixture.cs (5)

13private X509Certificate2 _certificate; 16public X509Certificate2 GetOrCreateCertificate() 50var parentCert = parentRequest.CreateSelfSigned(notBefore, notAfter); 53var imported = parentCert; 83var cert = store.Certificates[i];

CertificateManager.cs (24)

88public static X509Certificate2 AddToStoreIfNeeded(StoreName storeName, 90X509Certificate2 certificate) 92X509Certificate2 resultCert = null; 134public static X509Certificate2 AddToOSXKeyChainIfNeeded(SafeKeychainHandle keychain, 135X509Certificate2 certificate) 137X509Certificate2 resultCert = null; 151var publicOnly = new X509Certificate2(certificate.RawData); 168private static X509Certificate2 CertificateFromThumbprint(X509Store store, string thumbprint, bool validOnly) 174private static X509Certificate2 CertificateFromThumbprint(StoreName storeName, 179X509Certificate2 resultCert = null; 189private static X509Certificate2 KeychainCertificateFromThumbprint(string thumbprint, bool validOnly) 191X509Certificate2 resultCert = null; 204public static X509Certificate2 RootCertificateFromThumprint(string thumbprint, bool validOnly) 210public static X509Certificate2 ClientCertificateFromThumprint(string thumbprint, bool validOnly) 216public static X509Certificate2 PeerCertificateFromThumprint(string thumbprint, bool validOnly) 222public static X509Certificate2 OSXLocalKeychainCertificateFromThumprint(string thumbprint, bool validOnly) 230public static X509Certificate2 InstallCertificateToRootStore(X509Certificate2 certificate) 240public static X509Certificate2 InstallCertificateToMyStore(X509Certificate2 certificate) 253public static X509Certificate2 InstallCertificateToTrustedPeopleStore(X509Certificate2 certificate) 268public static X509Certificate2 InstallCertificateToOSXKeychainStore(X509Certificate2 certificate)

ServiceUtilHelper.cs (19)

CertificateLoaderTests.cs (4)

21var cert = new X509Certificate2(certPath, "testPassword"); 34var cert = new X509Certificate2(certPath, "testPassword"); 49var cert = new X509Certificate2(certPath, "testPassword"); 64var cert = new X509Certificate2(certPath, "testPassword");

EventSourceTests.cs (1)

25private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate();

Http2\TlsTests.cs (1)

27private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate();

HttpsConnectionMiddlewareTests.cs (15)

31private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate(); 32private static readonly X509Certificate2 _x509Certificate2NoExt = TestResources.GetTestCertificate("no_extensions.pfx"); 557var clientCert = await context.Connection.GetClientCertificateAsync(); 601var clientCert = await context.Connection.GetClientCertificateAsync(); 685var clientCert = await context.Connection.GetClientCertificateAsync(); 733var clientCert = await context.Connection.GetClientCertificateAsync(); 775var clientCert = await context.Connection.GetClientCertificateAsync(); 808(var clientCertificate, var clientChain) = CertHelper.GenerateCertificates(nameof(ServerCertificateChainInExtraStore), longChain: true, serverCertificate: false); 1042var clientCert = await context.Connection.GetClientCertificateAsync(); 1311var cert = new X509Certificate2(certPath, "testPassword"); 1324var cert = new X509Certificate2(certPath, "testPassword"); 1343var cert = new X509Certificate2(certPath, "testPassword"); 1364var cert = new X509Certificate2(certPath, "testPassword"); 1468private static HttpsConnectionMiddleware CreateMiddleware(X509Certificate2 serverCertificate) 1514private static SslStream OpenSslStreamWithCert(Stream rawStream, X509Certificate2 clientCertificate = null)

HttpsTests.cs (3)

29private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate(); 716var testCert = _x509Certificate2; 752var testCert = _x509Certificate2;

KestrelMetricsTests.cs (1)

29private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate();

src\Servers\Kestrel\shared\test\CertHelper.cs (5)

72foreach (X509Certificate2 cert in store.Certificates) 89foreach (X509Certificate2 cert in store.Certificates) 121internal static (X509Certificate2 certificate, X509Certificate2Collection) GenerateCertificates(string targetName, [CallerMemberName] string? testName = null, bool longChain = false, bool serverCertificate = true) 137out X509Certificate2 endEntity, 164X509Certificate2 ephemeral = endEntity;

src\Servers\Kestrel\shared\test\CertificateAuthority.cs (19)

78private X509Certificate2 _cert; 88private X509Certificate2 _ocspResponder; 106X509Certificate2 cert, 127internal X509Certificate2 CloneIssuerCert() 132internal void Revoke(X509Certificate2 certificate, DateTimeOffset revocationTime) 149internal X509Certificate2 CreateSubordinateCA( 167internal X509Certificate2 CreateEndEntity(string subject, RSA publicKey, X509ExtensionCollection extensions) 176internal X509Certificate2 CreateOcspSigner(string subject, RSA publicKey) 222X509Certificate2 dispose = _cert; 226using (X509Certificate2 tmp = req.Create( 237private X509Certificate2 CreateCertificate( 500internal void DesignateOcspResponder(X509Certificate2 responder) 513X509Certificate2 responder = (_ocspResponder ?? _cert); 793out X509Certificate2 endEntityCert, 838X509Certificate2 rootCert = rootReq.CreateSelfSigned(start.AddDays(-2), end.AddDays(2)); 859X509Certificate2 intermedCert; 862X509Certificate2 intermedPub = issuingAuthority.CreateSubordinateCA( 891X509Certificate2 tmp = endEntityCert; 912out X509Certificate2 endEntityCert,

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

TlsListenerTests.cs (1)

29private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate();

src\Servers\IIS\IIS\test\testassets\InProcessWebSite\Startup.cs (1)

144var clientCert = context.Connection.ClientCertificate;

Http3\Http3TlsTests.cs (1)

433var expectedCertificate = new X509Certificate2(TestResources.GetCertPath("aspnetdevcert.pfx"), "testPassword", X509KeyStorageFlags.Exportable);

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

InteropClient.cs (1)

165var cert = new X509Certificate2(certData!);

ClientCertBufferingFeature.cs (2)

51public X509Certificate2 ClientCertificate 57public async Task<X509Certificate2> GetClientCertificateAsync(CancellationToken cancellationToken)

Startup.cs (2)

51var cert = await context.Connection.GetClientCertificateAsync(); 128var localhostCert = CertificateLoader.LoadFromStoreCert("localhost", "My", StoreLocation.CurrentUser, allowInvalid: true);

CertificateAuthenticationHandler.cs (4)

59var clientCertificate = await Context.Connection.GetClientCertificateAsync(); 115private async Task<AuthenticateResult> ValidateCertificateAsync(X509Certificate2 clientCertificate) 187private X509ChainPolicy BuildChainPolicy(X509Certificate2 certificate, bool isCertificateSelfSigned) 237private ClaimsPrincipal CreatePrincipal(X509Certificate2 certificate)

CertificateValidationCache.cs (3)

41public AuthenticateResult? Get(HttpContext context, X509Certificate2 certificate) 50public void Put(HttpContext context, X509Certificate2 certificate, AuthenticateResult result) 65private static string ComputeKey(X509Certificate2 certificate)

Events\CertificateValidatedContext.cs (1)

31public X509Certificate2 ClientCertificate { get; set; } = default!;

ICertificateValidationCache.cs (2)

20AuthenticateResult? Get(HttpContext context, X509Certificate2 certificate); 28void Put(HttpContext context, X509Certificate2 certificate, AuthenticateResult result);

X509CertificateExtensions.cs (3)

10/// Extension methods for <see cref="X509Certificate2"/>. 17/// <param name="certificate">The <see cref="X509Certificate2"/>.</param> 19public static bool IsSelfSigned(this X509Certificate2 certificate)

CertificateTests.cs (1)

789X509Certificate2 clientCertificate = null,

src\Shared\test\Certificates\Certificates.cs (10)

DataProtectionBuilderExtensions.cs (3)

215public static IDataProtectionBuilder ProtectKeysWithCertificate(this IDataProtectionBuilder builder, X509Certificate2 certificate) 274public static IDataProtectionBuilder UnprotectKeysWithAnyCertificate(this IDataProtectionBuilder builder, params X509Certificate2[] certificates) 282foreach (var certificate in certificates)

XmlEncryption\CertificateResolver.cs (4)

18/// Locates an <see cref="X509Certificate2"/> given its thumbprint. 21/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns> 22public virtual X509Certificate2? ResolveCertificate(string thumbprint) 35private static X509Certificate2? GetCertificateFromStore(StoreLocation location, string thumbprint)

XmlEncryption\CertificateXmlEncryptor.cs (7)

21private readonly Func<X509Certificate2> _certFactory; 40/// Creates a <see cref="CertificateXmlEncryptor"/> given an <see cref="X509Certificate2"/> instance 43public CertificateXmlEncryptor(X509Certificate2 certificate, ILoggerFactory loggerFactory) 101private Func<X509Certificate2> CreateCertFactory(string thumbprint, ICertificateResolver resolver) 107var cert = resolver.ResolveCertificate(thumbprint); 125var cert = _certFactory() 126?? CryptoUtil.Fail<X509Certificate2>("Cert factory returned null.");

XmlEncryption\EncryptedXmlDecryptor.cs (3)

87/// Can decrypt the XML key data from an <see cref="X509Certificate2"/> that is not in stored in <see cref="X509Store"/>. 139if (!(certEnum.Current is X509Certificate2 certInfo)) 149foreach (var keyDecryptionCert in keyDecryptionCerts)

XmlEncryption\ICertificateResolver.cs (4)

9/// Provides services for locating <see cref="X509Certificate2"/> instances. 14/// Locates an <see cref="X509Certificate2"/> given its thumbprint. 17/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns> 18X509Certificate2? ResolveCertificate(string thumbprint);

XmlEncryption\XmlKeyDecryptionOptions.cs (7)

16private readonly Dictionary<string, List<X509Certificate2>> _certs = new Dictionary<string, List<X509Certificate2>>(StringComparer.Ordinal); 20public bool TryGetKeyDecryptionCertificates(X509Certificate2 certInfo, [NotNullWhen(true)] out IReadOnlyList<X509Certificate2>? keyDecryptionCerts) 28public void AddKeyDecryptionCertificate(X509Certificate2 certificate) 33certificates = _certs[key] = new List<X509Certificate2>(); 38private static string GetKey(X509Certificate2 cert) => cert.Thumbprint;

DataProtectionProvider.cs (10)

67/// the platform and operating system and uses the given <see cref="X509Certificate2"/> to encrypt the keys. 71/// <param name="certificate">The <see cref="X509Certificate2"/> to be used for encryption.</param> 72public static IDataProtectionProvider Create(string applicationName, X509Certificate2 certificate) 85/// and a <see cref="X509Certificate2"/> used to encrypt the keys. 89/// <param name="certificate">The <see cref="X509Certificate2"/> to be used for encryption.</param> 92X509Certificate2 certificate) 102/// optional configuration callback and a <see cref="X509Certificate2"/> used to encrypt the keys. 108/// <param name="certificate">The <see cref="X509Certificate2"/> to be used for encryption.</param> 112X509Certificate2 certificate) 124X509Certificate2? certificate)

DataProtectionProviderTests.cs (10)

122using (var imported = new X509Certificate2(filePath, "password", X509KeyStorageFlags.Exportable)) 135var certificate = certificateStore.Certificates.Find(X509FindType.FindBySubjectName, "TestCert", false)[0]; 148var certWithoutKey = new X509Certificate2(Path.Combine(GetTestFilesPath(), "TestCertWithoutPrivateKey.pfx"), "password"); 176var certWithoutKey = new X509Certificate2(Path.Combine(GetTestFilesPath(), "TestCert3WithoutPrivateKey.pfx"), "password3", X509KeyStorageFlags.Exportable); 187var certInStore = certificateStore.Certificates.Find(X509FindType.FindBySubjectName, "TestCert", false)[0]; 193var certWithKey = new X509Certificate2(Path.Combine(GetTestFilesPath(), "TestCert3.pfx"), "password3"); 217var certificate = new X509Certificate2(filePath, "password"); 246var certificate = new X509Certificate2(filePath, "password"); 266private static void AssetStoreDoesNotContain(X509Certificate2 certificate) 288var certificate = new X509Certificate2(filePath, "password");

XmlEncryption\EncryptedXmlDecryptorTests.cs (7)

18var testCert1 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 32var testCert1 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 33var testCert2 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert2.pfx"), "password"); 50var fullCert = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 51var publicKeyOnly = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.PublicKeyOnly.cer"), ""); 68var testCert1 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert1.pfx"), "password"); 69var testCert2 = new X509Certificate2(Path.Combine(AppContext.BaseDirectory, "TestFiles", "TestCert2.pfx"), "password");

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

CertificateManagerTests.cs (20)

Internal\JsonTranscodingServerCallContext.cs (1)

188var clientCertificate = HttpContext.Connection.ClientCertificate;

src\Grpc\JsonTranscoding\src\Shared\AuthContextHelpers.cs (1)

27public static AuthContext CreateAuthContext(X509Certificate2 clientCertificate)

src\Grpc\JsonTranscoding\src\Shared\X509CertificateHelpers.cs (1)

33public static string[] GetDnsFromExtensions(X509Certificate2 cert)

Features\TlsConnectionFeature.cs (2)

14public X509Certificate2? ClientCertificate { get; set; } 17public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken)

Internal\DefaultConnectionInfo.cs (2)

80public override X509Certificate2? ClientCertificate 86public override Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken = default)

ConnectionInfo.cs (4)

48public abstract X509Certificate2? ClientCertificate { get; set; } 53/// <returns>Asynchronously returns an <see cref="X509Certificate2" />. Can be null.</returns> 54public abstract Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken = new CancellationToken()); 85public X509Certificate2? ClientCertificate => _info.ClientCertificate;

RequestDelegateFactoryTests.cs (3)

3843public TlsConnectionFeature(X509Certificate2 clientCertificate) 3848public X509Certificate2? ClientCertificate { get; set; } 3850public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken)

RequestDelegateGenerator\RequestDelegateCreationTests.Forms.cs (1)

497var clientCertificate = new X509Certificate2();

RequestDelegateGenerator\SharedTypes.cs (3)

542public TlsConnectionFeature(X509Certificate2 clientCertificate) 547public X509Certificate2 ClientCertificate { get; set; } 549public Task<X509Certificate2> GetClientCertificateAsync(CancellationToken cancellationToken)

ITlsConnectionFeature.cs (2)

16X509Certificate2? ClientCertificate { get; set; } 21Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken);

src\Http\Http.Extensions\test\RequestDelegateGenerator\SharedTypes.cs (3)

542public TlsConnectionFeature(X509Certificate2 clientCertificate) 547public X509Certificate2 ClientCertificate { get; set; } 549public Task<X509Certificate2> GetClientCertificateAsync(CancellationToken cancellationToken)

CertificateForwardingFeature.cs (7)

16private Task<X509Certificate2?>? _certificateTask; 25public X509Certificate2? ClientCertificate 28set => _certificateTask = value is not null ? Task.FromResult<X509Certificate2?>(value) : null; 31public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken) 37var certificate = _options.HeaderConverter(_header.ToString()); 38_certificateTask = Task.FromResult<X509Certificate2?>(certificate); 44return Task.FromResult<X509Certificate2?>(null);

CertificateForwardingOptions.cs (2)

22/// The function used to convert the header to an instance of <see cref="X509Certificate2"/>. 27public Func<string, X509Certificate2> HeaderConverter = (headerValue) => new X509Certificate2(Convert.FromBase64String(headerValue));

src\Shared\test\Certificates\Certificates.cs (10)

OwinEnvironment.cs (1)

445{ OwinConstants.CommonKeys.ClientCertificate, new FeatureMap<ITlsConnectionFeature>(feature => feature.ClientCertificate, (feature, value) => feature.ClientCertificate = (X509Certificate2)value) },

OwinFeatureCollection.cs (4)

256X509Certificate2 ITlsConnectionFeature.ClientCertificate 258get { return Prop<X509Certificate2>(OwinConstants.CommonKeys.ClientCertificate); } 262async Task<X509Certificate2> ITlsConnectionFeature.GetClientCertificateAsync(CancellationToken cancellationToken) 269return Prop<X509Certificate2>(OwinConstants.CommonKeys.ClientCertificate);

RequestProcessing\ClientCertLoader.cs (3)

29private X509Certificate2? _clientCert; 49internal X509Certificate2? ClientCert 201private void Complete(int certErrors, X509Certificate2? cert)

RequestProcessing\Request.cs (3)

23private X509Certificate2? _clientCert; 372public X509Certificate2? ClientCertificate 401public async Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken = default(CancellationToken))

RequestProcessing\RequestContext.FeatureCollection.cs (6)

60private X509Certificate2? _clientCert; 61private Task<X509Certificate2?>? _clientCertTask; 327X509Certificate2? ITlsConnectionFeature.ClientCertificate 351Task<X509Certificate2?> ITlsConnectionFeature.GetClientCertificateAsync(CancellationToken cancellationToken) 359var clientCert = tlsFeature.ClientCertificate; // Lazy initialized 370async Task<X509Certificate2?> GetCertificateAsync(CancellationToken cancellation)

src\Shared\HttpSys\RequestProcessing\NativeRequestContext.cs (2)

781internal X509Certificate2? GetClientCertificate() 798private X509Certificate2? GetClientCertificate(IntPtr baseAddress, HTTP_REQUEST_V2* nativeRequest)

HttpsTests.cs (5)

22private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate("eku.client.pfx"); 84var cert = await tls.GetClientCertificateAsync(CancellationToken.None); 109var cert = await tls.GetClientCertificateAsync(CancellationToken.None); 319private X509Certificate2 FindClientCert() 324foreach (var cert in store.Certificates)

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

Core\IISHttpContext.FeatureCollection.cs (3)

45private X509Certificate2? _certificate; 378Task<X509Certificate2?> ITlsConnectionFeature.GetClientCertificateAsync(CancellationToken cancellationToken) 383unsafe X509Certificate2? ITlsConnectionFeature.ClientCertificate

src\Shared\HttpSys\RequestProcessing\NativeRequestContext.cs (2)

781internal X509Certificate2? GetClientCertificate() 798private X509Certificate2? GetClientCertificate(IntPtr baseAddress, HTTP_REQUEST_V2* nativeRequest)

ForwardedTlsConnectionFeature.cs (3)

14private X509Certificate2? _certificate; 23public X509Certificate2? ClientCertificate 48public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken)

CertificateLoader.cs (9)

31public static X509Certificate2 LoadFromStoreCert(string subject, string storeName, StoreLocation storeLocation, bool allowInvalid) 36X509Certificate2? foundCertificate = null; 42foreach (var certificate in storeCertificates.Find(X509FindType.FindBySubjectName, subject, !allowInvalid) 43.OfType<X509Certificate2>() 72internal static bool IsCertificateAllowedForServerAuth(X509Certificate2 certificate) 106internal static bool DoesCertificateHaveAnAccessiblePrivateKey(X509Certificate2 certificate) 109internal static bool DoesCertificateHaveASubjectAlternativeName(X509Certificate2 certificate) 112private static void DisposeCertificates(X509Certificate2Collection? certificates, X509Certificate2? except) 116foreach (var certificate in certificates)

HttpsConnectionAdapterOptions.cs (3)

39public X509Certificate2? ServerCertificate { get; set; } 57public Func<ConnectionContext?, string?, X509Certificate2?>? ServerCertificateSelector { get; set; } 73public Func<X509Certificate2, X509Chain?, SslPolicyErrors, bool>? ClientCertificateValidation { get; set; }

IHttpsConfigurationService.cs (3)

92public readonly X509Certificate2 Certificate; 96public CertificateAndConfig(X509Certificate2 certificate, CertificateConfig certificateConfig) 104public CertificateAndConfig(X509Certificate2 certificate, CertificateConfig certificateConfig, X509Certificate2Collection certificateChain)

Internal\Certificates\CertificateConfigLoader.cs (9)

26public (X509Certificate2?, X509Certificate2Collection?) LoadCertificate(CertificateConfig? certInfo, string endpointName) 46var certificate = GetCertificate(certificatePath); 84private static X509Certificate2 PersistKey(X509Certificate2 fullCertificate) 92private static X509Certificate2 LoadCertificateKey(X509Certificate2 certificate, string keyPath, string? password) 155private static X509Certificate2? GetCertificate(string certificatePath) 157if (X509Certificate2.GetCertContentType(certificatePath) == X509ContentType.Cert) 177private static X509Certificate2 LoadFromStoreCert(CertificateConfig certInfo)

Internal\Certificates\ICertificateConfigLoader.cs (1)

12(X509Certificate2?, X509Certificate2Collection?) LoadCertificate(CertificateConfig? certInfo, string endpointName);

Internal\LoggerExtensions.cs (1)

18public static void LocatedDevelopmentCertificate(this ILogger<KestrelServer> logger, X509Certificate2 certificate) => LocatedDevelopmentCertificate(logger, certificate.Subject, certificate.Thumbprint);

Internal\SniOptionsSelector.cs (4)

25private readonly Func<ConnectionContext, string?, X509Certificate2?>? _fallbackServerCertificateSelector; 75sslOptions.ServerCertificateContext = SslStreamCertificateContext.Create((X509Certificate2)sslOptions.ServerCertificate, additionalCertificates: fullChain); 78if (!certifcateConfigLoader.IsTestMock && sslOptions.ServerCertificate is X509Certificate2 cert2) 159var fallbackCertificate = _fallbackServerCertificateSelector(connection, serverName);

Internal\TlsConnectionFeature.cs (7)

19private X509Certificate2? _clientCert; 20private Task<X509Certificate2?>? _clientCertTask; 33public X509Certificate2? ClientCertificate 76public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken) 95private async Task<X509Certificate2?> GetClientCertificateAsyncCore(CancellationToken cancellationToken) 122private static X509Certificate2? ConvertToX509Certificate2(X509Certificate? certificate) 127X509Certificate2 cert2 => cert2,

KestrelConfigurationLoader.cs (1)

78internal X509Certificate2? DefaultCertificate { get; set; }

KestrelServerOptions.cs (6)

207internal X509Certificate2? DevelopmentCertificate { get; private set; } 212internal X509Certificate2? TestOverrideDefaultCertificate { get; set; } 297if (TestOverrideDefaultCertificate is X509Certificate2 certificateFromTest) 303if (ConfigurationLoader?.DefaultCertificate is X509Certificate2 certificateFromLoader) 378private static X509Certificate2? GetDevelopmentCertificateFromStore(ILogger<KestrelServer> logger) 384var cert = certs.Count > 0 ? certs[0] : null;

ListenOptionsHttpsExtensions.cs (2)

126public static ListenOptions UseHttps(this ListenOptions listenOptions, X509Certificate2 serverCertificate) 143public static ListenOptions UseHttps(this ListenOptions listenOptions, X509Certificate2 serverCertificate,

Middleware\HttpsConnectionMiddleware.cs (14)

41private readonly X509Certificate2? _serverCertificate; 42private readonly Func<ConnectionContext, string?, X509Certificate2?>? _serverCertificateSelector; 101var certificate = _serverCertificate; 264private X509Certificate2 LocateCertificateWithPrivateKey(X509Certificate2 certificate) 340var cert = _serverCertificateSelector(context, name); 390Func<X509Certificate2, X509Chain?, SslPolicyErrors, bool>? clientCertificateValidation, 408var certificate2 = ConvertToX509Certificate2(certificate); 481internal static void EnsureCertificateIsAllowedForServerAuth(X509Certificate2 certificate, ILogger<HttpsConnectionMiddleware> logger) 493private static X509Certificate2? ConvertToX509Certificate2(X509Certificate? certificate) 500if (certificate is X509Certificate2 cert2) 569var cert = httpsOptions.ServerCertificateSelector(null, host); 612public static void LocatingCertWithPrivateKey(this ILogger<HttpsConnectionMiddleware> logger, X509Certificate2 certificate) => LocatingCertWithPrivateKey(logger, certificate.Thumbprint); 617public static void FoundCertWithPrivateKey(this ILogger<HttpsConnectionMiddleware> logger, X509Certificate2 certificate, StoreLocation storeLocation)

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

TlsConfigurationLoader.cs (2)

161var certificate = new X509Certificate2(certificatePath, certificateConfig.Password); 181private static bool IsDevelopmentCertificate(X509Certificate2 certificate)

SniOptionsSelectorTests.cs (5)

22private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate(); 470var selectorCertificate = _x509Certificate2; 557var selectorCertificate = _x509Certificate2; 932public (X509Certificate2, X509Certificate2Collection) LoadCertificate(CertificateConfig certInfo, string endpointName) 939var cert = TestResources.GetTestCertificate();

src\Servers\Kestrel\shared\test\CertHelper.cs (5)

72foreach (X509Certificate2 cert in store.Certificates) 89foreach (X509Certificate2 cert in store.Certificates) 121internal static (X509Certificate2 certificate, X509Certificate2Collection) GenerateCertificates(string targetName, [CallerMemberName] string? testName = null, bool longChain = false, bool serverCertificate = true) 137out X509Certificate2 endEntity, 164X509Certificate2 ephemeral = endEntity;

src\Servers\Kestrel\shared\test\CertificateAuthority.cs (19)

78private X509Certificate2 _cert; 88private X509Certificate2 _ocspResponder; 106X509Certificate2 cert, 127internal X509Certificate2 CloneIssuerCert() 132internal void Revoke(X509Certificate2 certificate, DateTimeOffset revocationTime) 149internal X509Certificate2 CreateSubordinateCA( 167internal X509Certificate2 CreateEndEntity(string subject, RSA publicKey, X509ExtensionCollection extensions) 176internal X509Certificate2 CreateOcspSigner(string subject, RSA publicKey) 222X509Certificate2 dispose = _cert; 226using (X509Certificate2 tmp = req.Create( 237private X509Certificate2 CreateCertificate( 500internal void DesignateOcspResponder(X509Certificate2 responder) 513X509Certificate2 responder = (_ocspResponder ?? _cert); 793out X509Certificate2 endEntityCert, 838X509Certificate2 rootCert = rootReq.CreateSelfSigned(start.AddDays(-2), end.AddDays(2)); 859X509Certificate2 intermedCert; 862X509Certificate2 intermedPub = issuingAuthority.CreateSubordinateCA( 891X509Certificate2 tmp = endEntityCert; 912out X509Certificate2 endEntityCert,

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

KestrelConfigurationLoaderTests.cs (21)

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

Internal\QuicConnectionContext.FeatureCollection.cs (6)

12private X509Certificate2? _clientCert; 13private Task<X509Certificate2?>? _clientCertTask; 26public X509Certificate2? ClientCertificate 36public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken) 47private static X509Certificate2? ConvertToX509Certificate2(X509Certificate? certificate) 52X509Certificate2 cert2 => cert2,

QuicConnectionListenerTests.cs (2)

118var testCert = TestResources.GetTestCertificate(); 139static void AssertTlsConnectionFeature(IFeatureCollection features, X509Certificate2 testCert)

QuicTestHelpers.cs (1)

82var cert = TestResources.GetTestCertificate();

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

src\Shared\HttpSys\RequestProcessing\NativeRequestContext.cs (2)

781internal X509Certificate2? GetClientCertificate() 798private X509Certificate2? GetClientCertificate(IntPtr baseAddress, HTTP_REQUEST_V2* nativeRequest)

src\SignalR\common\Shared\TestCertificates.cs (1)

12internal static X509Certificate2 GetTestCert()

FakeCertificateHttpClientHandler.cs (1)

12public FakeCertificateHttpClientHandler(X509Certificate2 certificate)

FakeCertificateOptions.cs (1)

10public X509Certificate2? Certificate { get; set; }

FakeSslCertificateFactory.cs (3)

19/// Creates a self-signed <see cref="X509Certificate2"/> instance for testing. 21/// <returns>An <see cref="X509Certificate2"/> instance for testing.</returns> 23public static X509Certificate2 CreateSslCertificate()

ServiceFakesHostExtensions.cs (1)

45var certificate = host.Services.GetService<IOptions<FakeCertificateOptions>>()?.Value.Certificate;

ServiceFakesWebHostExtensions.cs (1)

46public static IWebHostBuilder ListenHttpsOnAnyPort(this IWebHostBuilder builder, X509Certificate2? sslCertificate = null)

FakeCertificateFactoryTests.cs (1)

17using var certificate = FakeSslCertificateFactory.CreateSslCertificate();

FakeCertificateHttpClientHandlerTests.cs (2)

16private readonly X509Certificate2 _certificate = FakeSslCertificateFactory.CreateSslCertificate(); 17private readonly X509Certificate2 _anotherCertificate = FakeSslCertificateFactory.CreateSslCertificate();

FakesExtensionsTests.cs (2)

56var certificate = host.Services.GetRequiredService<IOptions<FakeCertificateOptions>>().Value.Certificate; 71var certificate = FakeSslCertificateFactory.CreateSslCertificate();

System\Security\Cryptography\X509Certificates\X509CertificateKeyAccessors.cs (11)

16/// Helper methods to access keys on <see cref="X509Certificate2"/>. 39public static MLKem? GetMLKemPublicKey(this X509Certificate2 certificate) 76public static MLKem? GetMLKemPrivateKey(this X509Certificate2 certificate) => 94/// A new certificate with the <see cref="X509Certificate2.HasPrivateKey" /> property set to <see langword="true"/>. 107public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, MLKem privateKey) => 133public static SlhDsa? GetSlhDsaPublicKey(this X509Certificate2 certificate) => 153public static SlhDsa? GetSlhDsaPrivateKey(this X509Certificate2 certificate) => 171/// A new certificate with the <see cref="X509Certificate2.HasPrivateKey" /> property set to <see langword="true"/>. 187public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, SlhDsa privateKey) =>

ManifestUtil\mansign2.cs (4)

400private static void InsertPublisherIdentity(XmlDocument manifestDom, X509Certificate2 signerCert) 1047private X509Certificate2 _certificate; 1061internal CmiManifestSigner2(AsymmetricAlgorithm strongNameKey, X509Certificate2 certificate, bool useSha256) 1099internal X509Certificate2 Certificate

ManifestUtil\SecurityUtil.cs (9)

SecurityUtil_Tests.cs (6)

32using X509Certificate2 certificate = TestCertHelper.MockCertificate(pathToCertificate); 51internal static X509Certificate2 MockCertificate(string pathToCertificate) 53var certificate = new X509Certificate2(pathToCertificate); 59internal static void RemoveCertificate(X509Certificate2 certificate) => UpdateCertificateState(certificate, s_personalStore.Remove); 61private static void UpdateCertificateState(X509Certificate2 certificate, Action<X509Certificate2> updateAction)

src\common\LatestLinksManager.cs (1)

33X509Certificate2 certificate,

src\PublishArtifactsInManifestBase.cs (1)

134public X509Certificate2 AkaMSClientCertificate { get; set; }

src\AkaMSLinksManager.cs (1)

61public AkaMSLinkManager(string clientId, X509Certificate2 certificate, string tenant, Microsoft.Build.Utilities.TaskLoggingHelper log)

Verification\AuthentiCode.cs (1)

207X509Certificate2 cert = counterSign.Certificate;

Verification\Jar\JarSignatureFile.cs (1)

273X509Certificate2 timestampSignerCert = timestampSigner.Certificate;

Verification\VsixVerifier.cs (2)

92X509Certificate2 certificate = new X509Certificate2(packageSignature.Signer); 153X509Certificate2 certificate = new X509Certificate2(packageSignature.Signer);

Verification\XmlVerifier.cs (3)

24X509Certificate2 xmlCertificate; 37private bool IsSigned(string path, out X509Certificate2 signingCertificate) 65foreach (X509Certificate2 certificate in certificates)

src\VerifySignatures.cs (3)

209X509Certificate2 certificate; 214var certContentType = X509Certificate2.GetCertContentType(fullPath); 221X509Certificate signer = X509Certificate2.CreateFromSignedFile(fullPath);

netstandard.cs (1)

1955[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.X509Certificate2))]

MS\Internal\Documents\DigitalSignature.cs (2)

160internal X509Certificate2 Certificate 234private X509Certificate2 _x509Certificate2;

MS\Internal\Documents\DigitalSignatureProvider.cs (12)

311IList<X509Certificate2> IDigitalSignatureProvider.GetAllCertificates() 313List<X509Certificate2> certificateList = new List<X509Certificate2>(); 317X509Certificate2 certificate = signature.Certificate; 331IDictionary<X509Certificate2, CertificatePriorityStatus> IDigitalSignatureProvider.GetCertificateStatus( 332IList<X509Certificate2> certificates) 334Dictionary<X509Certificate2, CertificatePriorityStatus> certificateStatusTable = 335new Dictionary<X509Certificate2, CertificatePriorityStatus>(); 337foreach (X509Certificate2 certificate in certificates) 496X509Certificate2 x509Certificate2 = 497xpsDigitalSignature.SignerCertificate as X509Certificate2; 596private static CertificatePriorityStatus GetCertificateStatus(X509Certificate2 certificate)

MS\Internal\Documents\DocumentSignatureManager.cs (9)

213new Dictionary<X509Certificate2, CertificatePriorityStatus>(); 226IList<X509Certificate2> certificateList = 449X509Certificate2 x509Certificate2; 729X509Certificate2 certificate = null; 900private static X509Certificate2 ShowCertificatePickerDialog(IntPtr parentWindow) 902X509Certificate2 x509cert = null; 994private void StartCertificateStatusCheck(IList<X509Certificate2> certificateList) 1347private IDictionary<X509Certificate2, CertificatePriorityStatus> _certificateStatusTable; 1373internal IList<X509Certificate2> CertificateList;

MS\Internal\Documents\IDigitalSignatureProvider.cs (3)

36IList<X509Certificate2> GetAllCertificates(); 44IDictionary<X509Certificate2, CertificatePriorityStatus> GetCertificateStatus(IList<X509Certificate2> certificates);

MS\Internal\Documents\SigningDialog.cs (3)

31internal SigningDialog(X509Certificate2 x509Certificate2, DigitalSignature digitalSignatureRequest, DocumentSignatureManager docSigManager) 312internal X509Certificate2 Certificate 331private X509Certificate2 _x509Certificate2;

ScenarioTestTypes.cs (1)

1270public override void Validate(X509Certificate2 certificate)

Https\HttpsTests.4.1.0.cs (1)

278X509Certificate2 serviceCertificate = null;

Tcp\ClientCredentialTypeTests.OSX.cs (6)

93public override void Validate(X509Certificate2 certificate) 103static bool StoreContainsCertificate(X509Store store, X509Certificate2 certificate) 117internal bool TryValidate(X509Certificate2 certificate, out Exception exception) 179internal static void ResetCertificate(X509Certificate2 certificate) 184internal static string GetCertificateId(X509Certificate2 certificate) 191internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate)

src\SignalR\common\Shared\TestCertificates.cs (1)

12internal static X509Certificate2 GetTestCert()

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

src\Servers\Kestrel\test\FunctionalTests\Http2\HandshakeTests.cs (1)

27private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate();

src\Servers\Kestrel\test\FunctionalTests\Http2\ShutdownTests.cs (1)

25private static readonly X509Certificate2 _x509Certificate2 = TestResources.GetTestCertificate();

src\Servers\Kestrel\test\FunctionalTests\ResponseTests.cs (1)

614var certificate = TestResources.GetTestCertificate();

src\Shared\TestResources.cs (5)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 39public static X509Certificate2 GetTestCertificate(string certName, string password) 44public static X509Certificate2 GetTestCertificateWithKey(string certName, string keyName) 46var cert = X509Certificate2.CreateFromPemFile(GetCertPath(certName), GetCertPath(keyName));

src\libraries\shims\System\ref\System.cs (1)

864[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.X509Certificate2))]

src\libraries\Common\src\System\Net\Security\CertificateHelper.cs (4)

16internal static X509Certificate2? GetEligibleClientCertificate(X509CertificateCollection? candidateCerts) 29internal static X509Certificate2? GetEligibleClientCertificate(X509Certificate2Collection? candidateCerts) 36foreach (X509Certificate2 cert in candidateCerts) 64private static bool IsValidClientCertificate(X509Certificate2 cert)

src\libraries\Common\src\System\Net\Security\CertificateHelper.Unix.cs (1)

10internal static X509Certificate2? GetEligibleClientCertificate()

System\Net\Http\HttpClientHandler.cs (3)

308public Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? ServerCertificateCustomValidationCallback 374private static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? s_dangerousAcceptAnyServerCertificateValidator; 376public static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> DangerousAcceptAnyServerCertificateValidator =>

System\Net\Http\SocketsHttpHandler\ConnectHelper.cs (5)

25public readonly Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> FromHttpClientHandler; 28public CertificateCallbackMapper(Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> fromHttpClientHandler) 32FromHttpClientHandler((HttpRequestMessage)sender, certificate as X509Certificate2, chain, sslPolicyErrors); 44Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> localFromHttpClientHandler = mapper.FromHttpClientHandler; 49bool result = localFromHttpClientHandler(localRequest, certificate as X509Certificate2, chain, sslPolicyErrors);

artifacts\obj\System.Net.Http.WinHttpHandler\Debug\net10.0\System.Net.Http.WinHttpHandler.notsupported.cs (1)

44public System.Func<System.Net.Http.HttpRequestMessage, System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Chain, System.Net.Security.SslPolicyErrors, bool>? ServerCertificateValidationCallback { get { throw new System.PlatformNotSupportedException(System.SR.PlatformNotSupported_WinHttpHandler); } set { throw new System.PlatformNotSupportedException(System.SR.PlatformNotSupported_WinHttpHandler); } }

System\Net\HttpListenerRequest.cs (3)

230public X509Certificate2? GetClientCertificate() 254public Task<X509Certificate2?> GetClientCertificateAsync() 263internal X509Certificate2? ClientCertificate { get; set; }

System\Net\Managed\HttpConnection.cs (3)

68private X509Certificate2? _clientCert; 94_clientCert = c as X509Certificate2 ?? X509CertificateLoader.LoadCertificate(c.GetRawCertData()); 117internal X509Certificate2? ClientCertificate

System\Net\Managed\HttpListenerRequest.Managed.cs (3)

288private X509Certificate2? GetClientCertificateCore() => ClientCertificate = _context.Connection.ClientCertificate; 356public X509Certificate2? EndGetClientCertificate(IAsyncResult asyncResult) 371return (X509Certificate2?)clientCertAsyncResult.Result;

src\libraries\Common\src\System\Net\Security\CertificateValidation.Unix.cs (2)

16internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool isServer, string? hostName, Span<byte> certificateBuffer) 20internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool _ /*isServer*/, string? hostName)

System\Net\Quic\Internal\MsQuicConfiguration.Cache.cs (3)

39public CacheKey(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites) 55foreach (X509Certificate2 intermediate in intermediates) 119private static MsQuicConfigurationSafeHandle GetCachedCredentialOrCreate(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites)

System\Net\Quic\Internal\MsQuicConfiguration.cs (7)

17=> certificate is X509Certificate2 certificate2 && certificate2.Handle != IntPtr.Zero && certificate2.HasPrivateKey; 34ReadOnlyCollection<X509Certificate2>? intermediates = null; 99ReadOnlyCollection<X509Certificate2>? intermediates = default; 124private static MsQuicConfigurationSafeHandle Create(QuicConnectionOptions options, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol>? alpnProtocols, CipherSuitesPolicy? cipherSuitesPolicy, EncryptionPolicy encryptionPolicy) 204private static unsafe MsQuicConfigurationSafeHandle CreateInternal(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites) 206if (!MsQuicApi.UsesSChannelBackend && certificate is X509Certificate2 cert && intermediates is null) 260foreach (X509Certificate2 intermediate in intermediates)

System\Net\Quic\QuicConnection.cs (1)

212private X509Certificate2? _remoteCertificate;

System\Net\Quic\QuicConnection.SslConnectionOptions.cs (3)

76X509Certificate2? certificate = null; 176private QUIC_TLS_ALERT_CODES ValidateCertificate(X509Certificate2? certificate, Span<byte> certData, Span<byte> chainData) 208Debug.Assert(X509Certificate2.GetCertContentType(chainData) is X509ContentType.Pkcs7);

src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.OpenSsl.cs (1)

63foreach (X509Certificate2 intermediate in certContext.IntermediateCertificates)

src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.Ssl.cs (1)

312internal static bool AddExtraChainCertificates(SafeSslHandle ssl, ReadOnlyCollection<X509Certificate2> chain)

src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.SslCtx.cs (1)

47internal static bool AddExtraChainCertificates(SafeSslContextHandle ctx, ReadOnlyCollection<X509Certificate2> chain)

src\libraries\Common\src\System\Net\Security\CertificateValidation.Unix.cs (2)

16internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool isServer, string? hostName, Span<byte> certificateBuffer) 20internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool _ /*isServer*/, string? hostName)

System\Net\CertificateValidationPal.cs (2)

21internal static X509Certificate2? GetRemoteCertificate(SafeDeleteContext? securityContext) => 24internal static X509Certificate2? GetRemoteCertificate(SafeDeleteContext? securityContext, ref X509Chain? chain, X509ChainPolicy? chainPolicy) =>

System\Net\CertificateValidationPal.Unix.cs (4)

16X509Certificate2 remoteCertificate, 27private static X509Certificate2? GetRemoteCertificate( 38X509Certificate2? result = null; 71X509Certificate2 chainCert = new X509Certificate2(certPtr);

System\Net\Security\Pal.Managed\EndpointChannelBindingToken.cs (2)

14using (X509Certificate2? cert = CertificateValidationPal.GetRemoteCertificate(securityContext)) 28private static byte[] GetHashForChannelBinding(X509Certificate2 cert)

System\Net\Security\SslAuthenticationOptions.cs (2)

149X509Certificate2? certificateWithKey = sslServerAuthenticationOptions.ServerCertificate as X509Certificate2;

System\Net\Security\SslStream.Protocol.cs (19)

System\Net\Security\SslStreamCertificateContext.cs (11)

17public X509Certificate2 TargetCertificate { get; } 22public ReadOnlyCollection<X509Certificate2> IntermediateCertificates { get; } 25public static SslStreamCertificateContext Create(X509Certificate2 target, X509Certificate2Collection? additionalCertificates, bool offline) 30public static SslStreamCertificateContext Create(X509Certificate2 target, X509Certificate2Collection? additionalCertificates, bool offline = false, SslCertificateTrust? trust = null) 36X509Certificate2 target, 47X509Certificate2[] intermediates = Array.Empty<X509Certificate2>(); 48X509Certificate2? root = null; 127intermediates = new X509Certificate2[count]; 150SslStreamCertificateContext ctx = new SslStreamCertificateContext(target, new ReadOnlyCollection<X509Certificate2>(intermediates), trust); 167partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership);

System\Net\Security\SslStreamCertificateContext.Linux.cs (9)

39private X509Certificate2[] _privateIntermediateCertificates; 40private X509Certificate2? _rootCertificate; 44private SslStreamCertificateContext(X509Certificate2 target, ReadOnlyCollection<X509Certificate2> intermediates, SslCertificateTrust? trust) 49_privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; 58_privateIntermediateCertificates = Array.Empty<X509Certificate2>(); 115internal static SslStreamCertificateContext Create(X509Certificate2 target) => 125partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership) 272X509Certificate2? caCert = _privateIntermediateCertificates.Length > 0 ? _privateIntermediateCertificates[0] : _rootCertificate;

src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12CertBag.cs (2)

57internal Pkcs12CertBag(X509Certificate2 cert) 80public X509Certificate2 GetCertificate()

src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12SafeContents.cs (1)

75public Pkcs12CertBag AddCertificate(X509Certificate2 certificate)

src\libraries\Common\src\System\Security\Cryptography\X509Certificates\Pkcs12LoaderLimits.cs (1)

298/// <seealso cref="X509Certificate2.FriendlyName"/>

src\libraries\Common\src\System\Security\Cryptography\X509Certificates\X509CertificateLoader.cs (17)

src\libraries\Common\src\System\Security\Cryptography\X509Certificates\X509CertificateLoader.Pkcs12.cs (1)

588internal partial X509Certificate2 ToCertificate();

System\Security\Cryptography\X509Certificates\CertificateExtensionsCommon.cs (4)

11this X509Certificate2 certificate, 12Predicate<X509Certificate2>? matchesConstraints = null) 47this X509Certificate2 certificate, 48Predicate<X509Certificate2>? matchesConstraints = null)

System\Security\Cryptography\X509Certificates\CertificatePolicy.cs (3)

39public CertificatePolicyChain(List<X509Certificate2> chain) 156private void ReadPolicies(List<X509Certificate2> chain) 226private static CertificatePolicy ReadPolicy(X509Certificate2 cert)

System\Security\Cryptography\X509Certificates\CertificateRequest.cs (23)

System\Security\Cryptography\X509Certificates\CertificateRequest.Load.cs (1)

253X509Certificate2.CreateCustomExtensionIfAny(extAsn.ExtnId);

System\Security\Cryptography\X509Certificates\CertificateRevocationListBuilder.Build.cs (2)

110X509Certificate2 issuerCertificate, 127X509Certificate2 issuerCertificate,

System\Security\Cryptography\X509Certificates\CertificateRevocationListBuilder.cs (1)

64X509Certificate2 certificate,

System\Security\Cryptography\X509Certificates\ChainPal.OpenSsl.cs (5)

142List<X509Certificate2>? tmp = null; 157foreach (X509Certificate2 downloaded in tmp) 195X509Certificate2 reportedLeaf = chainPal.ChainElements[0].Certificate; 203private static void SaveIntermediateCertificates(List<X509Certificate2> downloadedCerts) 223foreach (X509Certificate2 cert in downloadedCerts)

System\Security\Cryptography\X509Certificates\DSACertificateExtensions.cs (5)

11/// public and private keys of a <see cref="X509Certificate2" />. 20public static DSA? GetDSAPublicKey(this X509Certificate2 certificate) 28public static DSA? GetDSAPrivateKey(this X509Certificate2 certificate) 33public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, DSA privateKey)

System\Security\Cryptography\X509Certificates\ECDsaCertificateExtensions.cs (6)

10/// public and private keys of a <see cref="X509Certificate2" />. 17public static ECDsa? GetECDsaPublicKey(this X509Certificate2 certificate) 25public static ECDsa? GetECDsaPrivateKey(this X509Certificate2 certificate) 30public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, ECDsa privateKey) 53private static bool HasECDsaKeyUsage(X509Certificate2 certificate)

System\Security\Cryptography\X509Certificates\ManagedCertificateFinder.cs (9)

42static bool FindPredicate(byte[] thumbprint, X509Certificate2 certificate) 268protected abstract byte[] GetSubjectPublicKeyInfo(X509Certificate2 cert); 314private static X509Extension? FindExtension(X509Certificate2 cert, string extensionOid) 334protected abstract X509Certificate2 CloneCertificate(X509Certificate2 cert); 336private void FindCore<TState>(TState state, Func<TState, X509Certificate2, bool> predicate) 342X509Certificate2 cert = findFrom[i]; 347X509Certificate2 clone = CloneCertificate(cert); 356private static bool IsCertValid(X509Certificate2 cert)

System\Security\Cryptography\X509Certificates\OpenSslCachedSystemStoreProvider.cs (6)

61X509Certificate2 clone = new X509Certificate2(Interop.Crypto.GetX509StackField(nativeColl, i)); 153var uniqueRootCerts = new HashSet<X509Certificate2>(); 154var uniqueIntermediateCerts = new HashSet<X509Certificate2>(); 242X509Certificate2 cert = new X509Certificate2(pal); 296foreach (X509Certificate2 cert in uniqueRootCerts) 301foreach (X509Certificate2 cert in uniqueIntermediateCerts)

System\Security\Cryptography\X509Certificates\OpenSslCertificateAssetDownloader.cs (3)

16internal static X509Certificate2? DownloadCertificate(string uri, TimeSpan downloadTimeout) 27X509ContentType contentType = X509Certificate2.GetCertContentType(data); 28X509Certificate2 certificate;

System\Security\Cryptography\X509Certificates\OpenSslCertificateFinder.cs (3)

13protected override byte[] GetSubjectPublicKeyInfo(X509Certificate2 cert) 25protected override X509Certificate2 CloneCertificate(X509Certificate2 cert)

System\Security\Cryptography\X509Certificates\OpenSslDirectoryBasedStoreProvider.cs (7)

86var loadedCerts = new HashSet<X509Certificate2>(); 92X509Certificate2 cert = X509CertificateLoader.LoadPkcs12FromFile(filePath, null); 144using (X509Certificate2 copy = new X509Certificate2(cert.DuplicateHandles())) 161using (X509Certificate2 fromFile = X509CertificateLoader.LoadPkcs12FromFile(existingFilename, null)) 232using (X509Certificate2 copy = new X509Certificate2(cert.DuplicateHandles())) 261private static string? FindExistingFilename(X509Certificate2 cert, string storePath, out bool hadCandidates) 271using (X509Certificate2 candidate = X509CertificateLoader.LoadPkcs12FromFile(maybeMatch, null))

System\Security\Cryptography\X509Certificates\OpenSslExportProvider.cs (1)

98foreach (X509Certificate2 cert in _certs!)

System\Security\Cryptography\X509Certificates\OpenSslX509ChainEventSource.cs (1)

666internal void CachingIntermediate(X509Certificate2 certificate)

System\Security\Cryptography\X509Certificates\OpenSslX509ChainProcessor.cs (10)

156foreach (X509Certificate2 cert in customTrustStore) 191foreach (X509Certificate2 cert in extraCerts) 216ref List<X509Certificate2>? downloadedCerts) 253X509Certificate2? downloaded = DownloadCertificate( 265downloadedCerts ??= new List<X509Certificate2>(); 313X509Certificate2 downloadedCert = downloadedCerts[i]; 892X509Certificate2 elementCert = new X509Certificate2(elementCertPtr); 906List<X509Certificate2> certsToRead = new List<X509Certificate2>(); 1199private static X509Certificate2? DownloadCertificate(

System\Security\Cryptography\X509Certificates\RSACertificateExtensions.cs (5)

10/// public and private keys of a <see cref="X509Certificate2" />. 17public static RSA? GetRSAPublicKey(this X509Certificate2 certificate) 25public static RSA? GetRSAPrivateKey(this X509Certificate2 certificate) 30public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, RSA privateKey)

System\Security\Cryptography\X509Certificates\StorePal.cs (1)

49foreach (X509Certificate2 cert in coll)

System\Security\Cryptography\X509Certificates\UnixChainVerifier.cs (1)

86private static bool IsSelfSigned(X509Certificate2 cert)

System\Security\Cryptography\X509Certificates\UnixExportProvider.cs (1)

119X509Certificate2 cert = _certs[i];

System\Security\Cryptography\X509Certificates\X509AuthorityKeyIdentifierExtension.cs (3)

105/// Gets the <see cref="X509Certificate2.IssuerName"/> value from this certificate's 109/// The <see cref="X509Certificate2.IssuerName"/> value from this certificate's 461X509Certificate2 certificate,

System\Security\Cryptography\X509Certificates\X509Certificate2.cs (21)

System\Security\Cryptography\X509Certificates\X509Certificate2Collection.cs (14)

15public class X509Certificate2Collection : X509CertificateCollection, IEnumerable<X509Certificate2> 21public X509Certificate2Collection(X509Certificate2 certificate) 26public X509Certificate2Collection(X509Certificate2[] certificates) 36public new X509Certificate2 this[int index] 40return (X509Certificate2)(base[index]); 48public int Add(X509Certificate2 certificate) 55public void AddRange(X509Certificate2[] certificates) 99public bool Contains(X509Certificate2 certificate) 202IEnumerator<X509Certificate2> IEnumerable<X509Certificate2>.GetEnumerator() => GetEnumerator(); 328public void Insert(int index, X509Certificate2 certificate) 335public void Remove(X509Certificate2 certificate) 342public void RemoveRange(X509Certificate2[] certificates) 787foreach (X509Certificate2 cert in this)

System\Security\Cryptography\X509Certificates\X509Certificate2Enumerator.cs (3)

10public sealed class X509Certificate2Enumerator : IEnumerator, IEnumerator<X509Certificate2> 21public X509Certificate2 Current 23get { return (X509Certificate2)_enumerator.Current!; }

System\Security\Cryptography\X509Certificates\X509CertificateLoader.netcore.cs (4)

11public static partial X509Certificate2 LoadCertificate(byte[] data) 18public static partial X509Certificate2 LoadCertificate(ReadOnlySpan<byte> data) 30public static partial X509Certificate2 LoadCertificateFromFile(string path) 138internal partial X509Certificate2 ToCertificate()

System\Security\Cryptography\X509Certificates\X509Chain.cs (3)

89public bool Build(X509Certificate2 certificate) 94internal bool Build(X509Certificate2 certificate, bool throwOnException) 108foreach (X509Certificate2 customCertificate in _chainPolicy.CustomTrustStore)

System\Security\Cryptography\X509Certificates\X509ChainElement.cs (2)

16internal X509ChainElement(X509Certificate2 certificate, X509ChainStatus[] chainElementStatus, string information) 23public X509Certificate2 Certificate { get; }

System\Security\Cryptography\X509Certificates\X509Store.cs (4)

126public void Add(X509Certificate2 certificate) 146foreach (X509Certificate2 certificate in certificates) 164public void Remove(X509Certificate2 certificate) 184foreach (X509Certificate2 certificate in certificates)

Internal\Cryptography\DecryptorPal.cs (1)

35X509Certificate2? cert,

Internal\Cryptography\Pal\AnyOS\ManagedPal.cs (4)

33public override byte[] GetSubjectKeyIdentifier(X509Certificate2 certificate) 67public override T? GetPrivateKeyForSigning<T>(X509Certificate2 certificate, bool silent) where T : class 72public override T? GetPrivateKeyForDecryption<T>(X509Certificate2 certificate, bool silent) where T : class 77private static T? GetPrivateKey<T>(X509Certificate2 certificate) where T : class, IDisposable

Internal\Cryptography\Pal\AnyOS\ManagedPal.Decrypt.cs (1)

34X509Certificate2? cert,

Internal\Cryptography\Pal\AnyOS\ManagedPal.KeyTrans.cs (2)

36internal byte[]? DecryptCek(X509Certificate2? cert, RSA? privateKey, out Exception? exception) 65X509Certificate2? cert,

Internal\Cryptography\PkcsHelpers.cs (5)

134X509Certificate2 originalCert = recipient.Certificate; 135X509Certificate2 certCopy = new X509Certificate2(originalCert.Handle); 170public static X509Certificate2? TryFindMatchingCertificate(this X509Certificate2Collection certs, SubjectIdentifier recipientIdentifier) 185foreach (X509Certificate2 candidate in certs) 198foreach (X509Certificate2 cert in certs)

Internal\Cryptography\PkcsPal.cs (3)

74public abstract byte[] GetSubjectKeyIdentifier(X509Certificate2 certificate); 79public abstract T? GetPrivateKeyForSigning<T>(X509Certificate2 certificate, bool silent) where T : class, IDisposable; 84public abstract T? GetPrivateKeyForDecryption<T>(X509Certificate2 certificate, bool silent) where T : class, IDisposable;

src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12CertBag.cs (2)

57internal Pkcs12CertBag(X509Certificate2 cert) 80public X509Certificate2 GetCertificate()

src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12SafeContents.cs (1)

75public Pkcs12CertBag AddCertificate(X509Certificate2 certificate)

System\Security\Cryptography\Pkcs\CmsRecipient.cs (6)

12public CmsRecipient(X509Certificate2 certificate) 22CmsRecipient(X509Certificate2 certificate, RSAEncryptionPadding rsaEncryptionPadding) 36CmsRecipient(SubjectIdentifierType recipientIdentifierType, X509Certificate2 certificate, RSAEncryptionPadding rsaEncryptionPadding) 45public CmsRecipient(SubjectIdentifierType recipientIdentifierType, X509Certificate2 certificate) 73public X509Certificate2 Certificate { get; } 75private static void ValidateRSACertificate(X509Certificate2 certificate)

System\Security\Cryptography\Pkcs\CmsSignature.cs (5)

46X509Certificate2 certificate); 55X509Certificate2 certificate, 124X509Certificate2 certificate, 148X509Certificate2 certificate, 150Func<X509Certificate2, T?> getCertPublicKey,

System\Security\Cryptography\Pkcs\CmsSignature.DSA.cs (2)

52X509Certificate2 certificate) 111X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.ECDsa.cs (2)

54X509Certificate2 certificate) 116X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.RSA.cs (4)

55X509Certificate2 certificate) 108X509Certificate2 certificate, 216X509Certificate2 certificate, 336X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.SlhDsa.cs (2)

54X509Certificate2 certificate) 92X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSigner.cs (8)

25public X509Certificate2? Certificate { get; set; } 95public CmsSigner(X509Certificate2? certificate) 106public CmsSigner(SubjectIdentifierType signerIdentifierType, X509Certificate2? certificate) 116CmsSigner(SubjectIdentifierType signerIdentifierType, X509Certificate2? certificate, AsymmetricAlgorithm? privateKey) 128CmsSigner(SubjectIdentifierType signerIdentifierType, X509Certificate2? certificate, SlhDsa? privateKey) 157X509Certificate2? certificate, 166X509Certificate2? certificate, 503X509Certificate2 cert = elements[i].Certificate;

System\Security\Cryptography\Pkcs\EnvelopedCms.cs (1)

241X509Certificate2? cert = certs.TryFindMatchingCertificate(recipientInfo.RecipientIdentifier);

System\Security\Cryptography\Pkcs\Rfc3161TimestampToken.cs (13)

System\Security\Cryptography\Pkcs\SignedCms.cs (5)

563var certs = new HashSet<X509Certificate2>(Certificates.OfType<X509Certificate2>()); 567X509Certificate2 candidate = newCerts[i]; 670void AddCertificate(X509Certificate2 certificate) 709void RemoveCertificate(X509Certificate2 certificate)

System\Security\Cryptography\Pkcs\SignerInfo.cs (10)

33private X509Certificate2? _signerCertificate; 74public X509Certificate2? Certificate => 456X509Certificate2? certificate = Certificate; 502private X509Certificate2? FindSignerCertificate() 507private static X509Certificate2? FindSignerCertificate( 517X509Certificate2? match = null; 526foreach (X509Certificate2 cert in filtered) 552foreach (X509Certificate2 cert in filtered) 839X509Certificate2 certificate, 913X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\SubjectIdentifier.cs (1)

106bool MatchesCertificate(X509Certificate2 certificate)

System.Security.Cryptography.X509Certificates.cs (1)

18[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.X509Certificate2))]

System\Security\Cryptography\Xml\EncryptedXml.cs (2)

433foreach (X509Certificate2 certificate in collection) 528public EncryptedData Encrypt(XmlElement inputElement, X509Certificate2 certificate)

System\Security\Cryptography\Xml\KeyInfoX509Data.cs (3)

37X509Certificate2 certificate = rgbCert is null ? 54X509Certificate2 certificate = new X509Certificate2(cert); 116X509Certificate2 x509 = new X509Certificate2(certificate);

System\Security\Cryptography\Xml\SignedXml.cs (3)

330public bool CheckSignature(X509Certificate2 certificate, bool verifySignatureOnly) 535X509Certificate2? certificate = (X509Certificate2?)_x509Enum.Current;

System\Security\Cryptography\Xml\SignedXmlDebugLog.cs (2)

216X509Certificate2? certificate2 = key as X509Certificate2;

System\Security\Cryptography\Xml\Utils.cs (3)

630foreach (X509Certificate2 certificate in keyInfoX509Data.Certificates) 742X509Certificate2 certificate = elements[0].Certificate; 748internal static AsymmetricAlgorithm? GetAnyPublicKey(X509Certificate2 certificate)

ServiceModel\BasicHttpsBindingTest.cs (1)

75var certificate = new X509Certificate2(certificateBytes);

System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (2)

74public X509Certificate2 ServerCertificate { get; private set; } 406X509Certificate2 certificate2 = new X509Certificate2(certificate);

netstandard.cs (10)

artifacts\obj\System.Windows.Extensions\Debug\net10.0\System.Windows.Extensions.notsupported.cs (2)

58public static void DisplayCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) { throw new System.PlatformNotSupportedException(System.SR.PlatformNotSupported_System_Windows_Extensions); } 59public static void DisplayCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.IntPtr hwndParent) { throw new System.PlatformNotSupportedException(System.SR.PlatformNotSupported_System_Windows_Extensions); }

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\Shared\CertificateGeneration\UnixCertificateManager.cs (14)

51public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 97var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 152protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 169internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 176internal override void CorrectCertificateState(X509Certificate2 candidate) 182internal override bool IsExportable(X509Certificate2 c) => true; 184protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 200using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 231using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 359protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 366if (TryFindCertificateInStore(store, certificate, out var matching)) 451protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 548private static string GetCertificateNickname(X509Certificate2 certificate)

src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

Program.cs (4)

17var certificate = GenerateManualCertificate(); 162static X509Certificate2 GenerateManualCertificate() 164X509Certificate2 cert; 194using var crt = req.CreateSelfSigned(now, now.AddDays(14)); // 14 days is the max duration of a certificate for this

Program.cs (3)

47static X509Certificate2 GenerateManualCertificate() 49X509Certificate2 cert = null; 80using var crt = req.CreateSelfSigned(now, now.AddDays(14)); // 14 days is the max duration of a certificate for this

Program.cs (2)

23var serverCertificate = LoadCertificate(); 43private static X509Certificate2 LoadCertificate()