huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Ensure the selected certificate has an accessible private key #9915 (#9965)

This commit is contained in:
huysentruitw 2019-05-04 17:14:00 +02:00 committed by Chris Ross
parent 3f808160dd
commit a2effc56e0
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Servers/Kestrel/Core/src/CertificateLoader.cs
View File

@ -29,6 +29,7 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Https.Internal
foundCertificate = foundCertificates
.OfType<X509Certificate2>()
.Where(IsCertificateAllowedForServerAuth)
.Where(DoesCertificateHaveAnAccessiblePrivateKey)
.OrderByDescending(certificate => certificate.NotAfter)
.FirstOrDefault();
@ -80,6 +81,9 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Https.Internal
return !hasEkuExtension;
}
internal static bool DoesCertificateHaveAnAccessiblePrivateKey(X509Certificate2 certificate)
=> certificate.HasPrivateKey;
private static void DisposeCertificates(X509Certificate2Collection certificates, X509Certificate2 except)
{
if (certificates != null)