Add missing client cert (#729)
* Updated GitVersioning package to fix issue with loading native libgit lib. Added check for missing HttpClientHandler * fixed type * HttpClientHandler is null when trying to get client certificates for web socket connection. Added direct configuration of client cert instead of via HttpClientHandler * fixed indentation warning * re-added certs from httpclienthandler if present * Updated GitVersioning package to fix issue with loading native libgit lib. Added check for missing HttpClientHandler * fixed type * HttpClientHandler is null when trying to get client certificates for web socket connection. Added direct configuration of client cert instead of via HttpClientHandler * fixed indentation warning * re-added certs from httpclienthandler if present * merged duplicate code * reverted package changes
This commit is contained in:
Frode Hus
@@ -122,5 +122,28 @@ namespace k8s
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Retrieves Client Certificate PFX from configuration
|
||||
/// </summary>
|
||||
/// <param name="config">Kubernetes Client Configuration</param>
|
||||
/// <returns>Client certificate PFX</returns>
|
||||
public static X509Certificate2 GetClientCert(KubernetesClientConfiguration config)
|
||||
{
|
||||
if (config == null)
|
||||
{
|
||||
throw new ArgumentNullException(nameof(config));
|
||||
}
|
||||
|
||||
if ((!string.IsNullOrWhiteSpace(config.ClientCertificateData) ||
|
||||
!string.IsNullOrWhiteSpace(config.ClientCertificateFilePath)) &&
|
||||
(!string.IsNullOrWhiteSpace(config.ClientCertificateKeyData) ||
|
||||
!string.IsNullOrWhiteSpace(config.ClientKeyFilePath)))
|
||||
{
|
||||
return GeneratePfx(config);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -57,6 +57,7 @@ namespace k8s
|
||||
ValidateConfig(config);
|
||||
CaCerts = config.SslCaCerts;
|
||||
SkipTlsVerify = config.SkipTlsVerify;
|
||||
ClientCert = CertUtils.GetClientCert(config);
|
||||
SetCredentials(config);
|
||||
}
|
||||
|
||||
@@ -133,7 +134,7 @@ namespace k8s
|
||||
}
|
||||
|
||||
private X509Certificate2Collection CaCerts { get; }
|
||||
|
||||
private X509Certificate2 ClientCert { get; }
|
||||
private bool SkipTlsVerify { get; }
|
||||
|
||||
partial void CustomInitialize()
|
||||
@@ -262,6 +263,8 @@ namespace k8s
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// Set credentials for the Client
|
||||
/// </summary>
|
||||
|
||||
@@ -295,9 +295,17 @@ namespace k8s
|
||||
}
|
||||
|
||||
// Set Credentials
|
||||
foreach (var cert in this.HttpClientHandler.ClientCertificates.OfType<X509Certificate2>())
|
||||
if (this.ClientCert != null)
|
||||
{
|
||||
webSocketBuilder.AddClientCertificate(cert);
|
||||
webSocketBuilder.AddClientCertificate(this.ClientCert);
|
||||
}
|
||||
|
||||
if (this.HttpClientHandler != null)
|
||||
{
|
||||
foreach (var cert in this.HttpClientHandler.ClientCertificates.OfType<X509Certificate2>())
|
||||
{
|
||||
webSocketBuilder.AddClientCertificate(cert);
|
||||
}
|
||||
}
|
||||
|
||||
if (Credentials != null)
|
||||
|
||||
@@ -41,14 +41,10 @@ namespace k8s
|
||||
throw new ArgumentNullException(nameof(handler));
|
||||
}
|
||||
|
||||
if ((!string.IsNullOrWhiteSpace(ClientCertificateData) ||
|
||||
!string.IsNullOrWhiteSpace(ClientCertificateFilePath)) &&
|
||||
(!string.IsNullOrWhiteSpace(ClientCertificateKeyData) ||
|
||||
!string.IsNullOrWhiteSpace(ClientKeyFilePath)))
|
||||
var clientCert = CertUtils.GetClientCert(this);
|
||||
if (clientCert != null)
|
||||
{
|
||||
var cert = CertUtils.GeneratePfx(this);
|
||||
|
||||
handler.ClientCertificates.Add(cert);
|
||||
handler.ClientCertificates.Add(clientCert);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user