e7ea31b1c7
* Added a new property, ValidateCertificateChain
This aligns the code with README.md, and enables chained certificate authentication to work in Azure App Service (which won't have the client certificate's root in its trust store)
* Updated reference assemblies
New ValidateCertificateChain property was missing from /ref - hadn't updated it, so automatic test was failing
* Replaced the broad property which disables certificate chain validation with a granular list of trusted issuers
Also updated documentation to remove the unused property and to indicate that it isn't possible to validate half of the chain from the OS' trust store, and half from the private root store
* Swapped property access for an AddRange call
* Updated reference assembly
* Added certificate tests
Three test cases:
- Untrusted client certificate should fail, as it does now.
- Client certificate which is part of a chain with an untrusted root but a trusted issuer should fail, since the chain as a whole isn't trusted.
- Client certificate which is part of a fully-trusted chain should pass.
Also noticed that there were a couple of issues in CreateServer, where the certificate revocation flags weren't being set properly.
Finally, the csproj was referring to a folder name ("test\Certificates") which didn't exist. It looks like the folder was renamed to "TestCertificates", so I've update the project to match.
* Update Microsoft.AspNetCore.Authentication.Certificate.netcoreapp.cs
* Reverting change of Tests csproj, which was blocking certificate tests
* Forgot to add certificates to the shared source root, so tests were failing
* Updating following code review
Replaced custom logic with a new ChainTrustValidationMode property. Updated reference assemblies
* Changed tests to account for new property
* Updated certificates for PR tests
* Updated certificates
Updating all new certificates to avoid using the alternate signature algorithm
* Dummy checkin
Compilation errors coming from CertificateTests.cs, performing this checkin to test whether or not they're limited to a specific build.
* Following up typo corrections
Commit
|
||
|---|---|---|
| .azure/pipelines | ||
| .config | ||
| .github | ||
| .vscode | ||
| docs | ||
| eng | ||
| src | ||
| .editorconfig | ||
| .gitattributes | ||
| .gitignore | ||
| .gitmodules | ||
| CONTRIBUTING.md | ||
| Directory.Build.props | ||
| Directory.Build.targets | ||
| LICENSE.txt | ||
| NuGet.config | ||
| README.md | ||
| SECURITY.md | ||
| THIRD-PARTY-NOTICES.txt | ||
| activate.ps1 | ||
| activate.sh | ||
| build.cmd | ||
| build.ps1 | ||
| build.sh | ||
| clean.cmd | ||
| clean.ps1 | ||
| clean.sh | ||
| dockerbuild.sh | ||
| global.json | ||
| restore.cmd | ||
| restore.sh | ||
| startvs.cmd | ||
README.md
ASP.NET Core
ASP.NET Core is an open-source and cross-platform framework for building modern cloud based internet connected applications, such as web apps, IoT apps and mobile backends. ASP.NET Core apps run on .NET Core, a free, cross-platform and open-source application runtime. It was architected to provide an optimized development framework for apps that are deployed to the cloud or run on-premises. It consists of modular components with minimal overhead, so you retain flexibility while constructing your solutions. You can develop and run your ASP.NET Core apps cross-platform on Windows, Mac and Linux. Learn more about ASP.NET Core.
Get Started
Follow the Getting Started instructions in the ASP.NET Core docs.
Also check out the .NET Homepage for released versions of .NET, getting started guides, and learning resources.
See the Issue Management Policies document for more information on how we handle incoming issues.
How to Engage, Contribute, and Give Feedback
Some of the best ways to contribute are to try things out, file issues, join in design conversations, and make pull-requests.
- Download our latest daily builds
- Follow along with the development of ASP.NET Core:
- Community Standup: The community standup is held every week and streamed live to YouTube. You can view past standups in the linked playlist.
- Roadmap: The schedule and milestone themes for ASP.NET Core.
- Build ASP.NET Core source code
- Check out the contributing page to see the best places to log issues and start discussions.
Reporting security issues and bugs
Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) secure@microsoft.com. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.
Related projects
These are some other repos for related projects:
- Documentation - documentation sources for https://docs.microsoft.com/aspnet/core/
- Entity Framework Core - data access technology
- Extensions - Logging, configuration, dependency injection, and more.
Code of conduct
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.