Use SslStream.RemoteCertificate to recreate disposed certificate.

This commit is contained in:
shanewalters 2016-05-19 12:17:23 -06:00
parent 7e7f21ec49
commit 9232029950
1 changed files with 4 additions and 4 deletions

View File

@ -40,7 +40,7 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Https
if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase))
{ {
X509Certificate2 clientCertificate = null; var certificateHandle = IntPtr.Zero;
SslStream sslStream; SslStream sslStream;
if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate) if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate)
{ {
@ -86,7 +86,7 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Https
} }
} }
clientCertificate = certificate2; certificateHandle = certificate2.Handle;
return true; return true;
}); });
await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired: true, await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired: true,
@ -98,9 +98,9 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Https
{ {
previousPrepareRequest?.Invoke(features); previousPrepareRequest?.Invoke(features);
if (clientCertificate != null) if (certificateHandle != IntPtr.Zero)
{ {
features.Set<ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = clientCertificate }); features.Set<ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = new X509Certificate2(sslStream.RemoteCertificate.Handle) });
} }
features.Get<IHttpRequestFeature>().Scheme = "https"; features.Get<IHttpRequestFeature>().Scheme = "https";