Allow cert file and private key file to be passed in (#19477)

src/Servers/Kestrel/Transport.Quic/src/Internal/QuicConnectionListener.cs

@@ -29,10 +29,18 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Transport.Quic.Internal
             _log = log;
             _context = new QuicTransportContext(_log, options);
             EndPoint = endpoint;
+
+            var quicListenerOptions = new QuicListenerOptions();
             var sslConfig = new SslServerAuthenticationOptions();
             sslConfig.ServerCertificate = options.Certificate;
             sslConfig.ApplicationProtocols = new List<SslApplicationProtocol>() { new SslApplicationProtocol(options.Alpn) };
-            _listener = new QuicListener(QuicImplementationProviders.MsQuic, endpoint as IPEndPoint, sslConfig);
+
+            quicListenerOptions.ServerAuthenticationOptions = sslConfig;
+            quicListenerOptions.CertificateFilePath = options.CertificateFilePath;
+            quicListenerOptions.PrivateKeyFilePath = options.PrivateKeyFilePath;
+            quicListenerOptions.ListenEndPoint = endpoint as IPEndPoint;
+
+            _listener = new QuicListener(QuicImplementationProviders.MsQuic, quicListenerOptions);
             _listener.Start();
         }
 

src/Servers/Kestrel/Transport.Quic/src/QuicTransportOptions.cs

@@ -29,6 +29,16 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Transport.Quic
         /// </summary>
         public X509Certificate2 Certificate { get; set; }
 
+        /// <summary>
+        /// Optional path to certificate file to configure the security configuration.
+        /// </summary>
+        public string CertificateFilePath { get; set; }
+
+        /// <summary>
+        /// Optional path to private key file to configure the security configuration.
+        /// </summary>
+        public string PrivateKeyFilePath { get; set; }
+
         /// <summary>
         /// Sets the idle timeout for connections and streams.
         /// </summary>

src/Shared/runtime/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs

@@ -236,8 +236,8 @@ namespace System.Net.Quic.Implementations.MsQuic.Internal
                 {
                     fileParams = new MsQuicNativeMethods.CertFileParams
                     {
-                        CertificateFilePath = Marshal.StringToCoTaskMemUTF8(certFilePath),
-                        PrivateKeyFilePath = Marshal.StringToCoTaskMemUTF8(privateKeyFilePath)
+                        PrivateKeyFilePath = Marshal.StringToCoTaskMemUTF8(privateKeyFilePath),
+                        CertificateFilePath = Marshal.StringToCoTaskMemUTF8(certFilePath)
                     };
 
                     unmanagedAddr = Marshal.AllocHGlobal(Marshal.SizeOf(fileParams));
@@ -246,7 +246,7 @@ namespace System.Net.Quic.Implementations.MsQuic.Internal
                     createConfigStatus = SecConfigCreateDelegate(
                         _registrationContext,
                         (uint)QUIC_SEC_CONFIG_FLAG.CERT_FILE,
-                        certificate.Handle,
+                        unmanagedAddr,
                         null,
                         IntPtr.Zero,
                         SecCfgCreateCallbackHandler);

src/Shared/runtime/Quic/Interop/MsQuicNativeMethods.cs

@@ -1,4 +1,4 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 // See the LICENSE file in the project root for more information.
 
@@ -481,8 +481,8 @@ namespace System.Net.Quic.Implementations.MsQuic.Internal
         [StructLayout(LayoutKind.Sequential)]
         internal struct CertFileParams
         {
-            internal IntPtr CertificateFilePath;
             internal IntPtr PrivateKeyFilePath;
+            internal IntPtr CertificateFilePath;
         }
     }
 }