SLVS-1674 Improve CertificateChainValidator logging

SonarSource · Dec 2, 2024 · f0c585e · f0c585e
1 parent 51f1284
commit f0c585e
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 6 deletions.
diff --git a/src/SLCore.Listeners/Implementation/Http/ICertificateChainValidator.cs b/src/SLCore.Listeners/Implementation/Http/ICertificateChainValidator.cs
@@ -41,16 +41,16 @@ public CertificateChainValidator(ILogger logger)
     {
         this.logger = logger;
     }
-    
+
     [ExcludeFromCodeCoverage] // can't easily unit test X509Chain
     public bool ValidateChain(X509Certificate2 primaryCertificate, IEnumerable<X509Certificate2> additionalCertificates)
     {
-        logger.LogVerbose($"[{nameof(CertificateChainValidator)}] Validating certificate: " + primaryCertificate);
+        logger.LogVerbose("[CertificateChainValidator] Validating certificate: " + primaryCertificate);
         using var x509Chain = new X509Chain();
 
         foreach (var additionalCertificate in additionalCertificates)
         {
-            logger.LogVerbose($"[{nameof(CertificateChainValidator)}] Using chain certificate: " + primaryCertificate);
+            logger.LogVerbose("[CertificateChainValidator] Using chain certificate: " + primaryCertificate);
 
             x509Chain.ChainPolicy.ExtraStore.Add(additionalCertificate);
         }
@@ -59,12 +59,13 @@ public bool ValidateChain(X509Certificate2 primaryCertificate, IEnumerable<X509C
 
         if (!validationResult)
         {
+            logger.WriteLine(SLCoreStrings.CertificateValidator_Failed);
             foreach (var x509ChainChainStatus in x509Chain.ChainStatus)
             {
-                logger.LogVerbose($"{x509ChainChainStatus.Status}: {x509ChainChainStatus.StatusInformation}");
+                logger.WriteLine(SLCoreStrings.CertificateValidator_FailureReasonTemplate, x509ChainChainStatus.Status, x509ChainChainStatus.StatusInformation);
             }
         }
-        
+
         return validationResult;
     }
 }
diff --git a/src/SLCore/SLCoreStrings.Designer.cs b/src/SLCore/SLCoreStrings.Designer.cs
diff --git a/src/SLCore/SLCoreStrings.resx b/src/SLCore/SLCoreStrings.resx
@@ -171,4 +171,10 @@
   <data name="UnexpectedServerConnectionType" xml:space="preserve">
     <value>Unexpected server connection type</value>
   </data>
+  <data name="CertificateValidator_Failed" xml:space="preserve">
+    <value>[CertificateChainValidator] Certificate validation failed for the following reason(s):</value>
+  </data>
+  <data name="CertificateValidator_FailureReasonTemplate" xml:space="preserve">
+    <value>[CertificateChainValidator] {0}: {1}</value>
+  </data>
 </root>