Upgrade examples to use ServerCertificateContext - Fix #3981

icerpc · Sep 10, 2024 · a788d27 · a788d27
1 parent b1be545
commit a788d27
Show file tree

Hide file tree

Showing 16 changed files with 93 additions and 18 deletions.
diff --git a/examples/protobuf/GenericHost/Server/Program.cs b/examples/protobuf/GenericHost/Server/Program.cs
@@ -35,12 +35,15 @@
             .Bind(hostContext.Configuration.GetSection("Server"))
             .Configure(options =>
             {
+                string certificatePath = Path.Combine(
+                    hostContext.HostingEnvironment.ContentRootPath,
+                    hostContext.Configuration.GetValue<string>("Certificate:File")!);
+
                 options.ServerAuthenticationOptions = new SslServerAuthenticationOptions
                 {
-                    ServerCertificate = new X509Certificate2(
-                        Path.Combine(
-                            hostContext.HostingEnvironment.ContentRootPath,
-                            hostContext.Configuration.GetValue<string>("Certificate:File")!))
+                    ServerCertificateContext = SslStreamCertificateContext.Create(
+                        X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+                        X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
                 };
             });
 

diff --git a/examples/protobuf/GenericHost/Server/Server.csproj b/examples/protobuf/GenericHost/Server/Server.csproj
@@ -21,6 +21,12 @@
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <ProtoFile Include="../proto/greeter.proto" />
     <PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.*" />

diff --git a/examples/protobuf/Quic/Server/Program.cs b/examples/protobuf/Quic/Server/Program.cs
@@ -7,11 +7,14 @@
 using System.Security.Cryptography.X509Certificates;
 
 // Create a server that uses the test server certificate, and the QUIC multiplexed transport.
+string certificatePath = "../../../../certs/server.p12";
 await using var server = new Server(
     new Chatbot(),
     new SslServerAuthenticationOptions
     {
-        ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+        ServerCertificateContext = SslStreamCertificateContext.Create(
+            X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+            X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
     },
     multiplexedServerTransport: new QuicServerTransport());
 

diff --git a/examples/protobuf/Quic/Server/Server.csproj b/examples/protobuf/Quic/Server/Server.csproj
@@ -10,6 +10,12 @@
     <!-- Enable preview features to use the QUIC transport -->
     <EnablePreviewFeatures>True</EnablePreviewFeatures>
   </PropertyGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <ProtoFile Include="../proto/greeter.proto" />
     <Compile Include="../../../common/Program.CancelKeyPressed.cs" Link="Program.CancelKeyPressed.cs" />

diff --git a/examples/protobuf/Secure/Server/Program.cs b/examples/protobuf/Secure/Server/Program.cs
@@ -6,9 +6,12 @@
 using System.Security.Cryptography.X509Certificates;
 
 // Create the authentication options using the test server certificate.
+string certificatePath = "../../../../certs/server.p12";
 var serverAuthenticationOptions = new SslServerAuthenticationOptions()
 {
-    ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+    ServerCertificateContext = SslStreamCertificateContext.Create(
+        X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+        X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
 };
 
 await using var server = new Server(new Chatbot(), serverAuthenticationOptions);

diff --git a/examples/protobuf/Secure/Server/Server.csproj b/examples/protobuf/Secure/Server/Server.csproj
@@ -8,6 +8,12 @@
     <!-- Copy the PDBs from the NuGet packages to get file names and line numbers in stack traces. -->
     <CopyDebugSymbolFilesFromPackages>true</CopyDebugSymbolFilesFromPackages>
   </PropertyGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <ProtoFile Include="../proto/greeter.proto" />
     <PackageReference Include="IceRpc.Protobuf.Tools" Version="$(IceRpcVersion)" PrivateAssets="All" />

diff --git a/examples/protobuf/TcpFallback/Server/Program.cs b/examples/protobuf/TcpFallback/Server/Program.cs
@@ -18,11 +18,14 @@
     .Map<IGreeterService>(new Chatbot());
 
 // Create two servers that share the same dispatch pipeline.
+string certificatePath = "../../../../certs/server.p12";
 await using var quicServer = new Server(
     router,
     new SslServerAuthenticationOptions
     {
-        ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+        ServerCertificateContext = SslStreamCertificateContext.Create(
+            X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+            X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
     },
     multiplexedServerTransport: new QuicServerTransport(),
     logger: loggerFactory.CreateLogger<Server>());
@@ -33,7 +36,9 @@
     router,
     new SslServerAuthenticationOptions
     {
-        ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+        ServerCertificateContext = SslStreamCertificateContext.Create(
+            X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+            X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
     },
     logger: loggerFactory.CreateLogger<Server>());
 

diff --git a/examples/protobuf/TcpFallback/Server/Server.csproj b/examples/protobuf/TcpFallback/Server/Server.csproj
@@ -10,6 +10,12 @@
     <!-- Enable preview features to use the QUIC transport -->
     <EnablePreviewFeatures>True</EnablePreviewFeatures>
   </PropertyGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <ProtoFile Include="../proto/greeter.proto" />
     <PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.*" />

diff --git a/examples/slice/GenericHost/Server/Program.cs b/examples/slice/GenericHost/Server/Program.cs
@@ -35,12 +35,15 @@
             .Bind(hostContext.Configuration.GetSection("Server"))
             .Configure(options =>
             {
+                string certificatePath = Path.Combine(
+                    hostContext.HostingEnvironment.ContentRootPath,
+                    hostContext.Configuration.GetValue<string>("Certificate:File")!);
+
                 options.ServerAuthenticationOptions = new SslServerAuthenticationOptions
                 {
-                    ServerCertificate = new X509Certificate2(
-                        Path.Combine(
-                            hostContext.HostingEnvironment.ContentRootPath,
-                            hostContext.Configuration.GetValue<string>("Certificate:File")!))
+                    ServerCertificateContext = SslStreamCertificateContext.Create(
+                        X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+                        X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
                 };
             });
 

diff --git a/examples/slice/GenericHost/Server/Server.csproj b/examples/slice/GenericHost/Server/Server.csproj
@@ -21,6 +21,12 @@
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <SliceFile Include="../slice/Greeter.slice" />
     <PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.*" />

diff --git a/examples/slice/Quic/Server/Program.cs b/examples/slice/Quic/Server/Program.cs
@@ -7,13 +7,15 @@
 using System.Security.Cryptography.X509Certificates;
 
 // Create a server that uses the test server certificate, and the QUIC multiplexed transport.
+string certificatePath = "../../../../certs/server.p12";
 await using var server = new Server(
     new Chatbot(),
     new SslServerAuthenticationOptions
     {
-        ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
-    },
-    multiplexedServerTransport: new QuicServerTransport());
+        ServerCertificateContext = SslStreamCertificateContext.Create(
+            X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+            X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
+    });
 
 server.Listen();
 

diff --git a/examples/slice/Quic/Server/Server.csproj b/examples/slice/Quic/Server/Server.csproj
@@ -10,6 +10,12 @@
     <!-- Enable preview features to use the QUIC transport -->
     <EnablePreviewFeatures>True</EnablePreviewFeatures>
   </PropertyGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <SliceFile Include="../slice/Greeter.slice" />
     <Compile Include="../../../common/Program.CancelKeyPressed.cs" Link="Program.CancelKeyPressed.cs" />

diff --git a/examples/slice/Secure/Server/Program.cs b/examples/slice/Secure/Server/Program.cs
@@ -6,9 +6,12 @@
 using System.Security.Cryptography.X509Certificates;
 
 // Create the authentication options using the test server certificate.
+string certificatePath = "../../../../certs/server.p12";
 var serverAuthenticationOptions = new SslServerAuthenticationOptions()
 {
-    ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+    ServerCertificateContext = SslStreamCertificateContext.Create(
+        X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+        X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
 };
 
 await using var server = new Server(new Chatbot(), serverAuthenticationOptions);

diff --git a/examples/slice/Secure/Server/Server.csproj b/examples/slice/Secure/Server/Server.csproj
@@ -8,6 +8,12 @@
     <!-- Copy the PDBs from the NuGet packages to get file names and line numbers in stack traces. -->
     <CopyDebugSymbolFilesFromPackages>true</CopyDebugSymbolFilesFromPackages>
   </PropertyGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <SliceFile Include="../slice/Greeter.slice" />
     <PackageReference Include="IceRpc.Slice.Tools" Version="$(IceRpcVersion)" PrivateAssets="All" />

diff --git a/examples/slice/TcpFallback/Server/Program.cs b/examples/slice/TcpFallback/Server/Program.cs
@@ -18,11 +18,14 @@
     .Map<IGreeterService>(new Chatbot());
 
 // Create two servers that share the same dispatch pipeline.
+string certificatePath = "../../../../certs/server.p12";
 await using var quicServer = new Server(
     router,
     new SslServerAuthenticationOptions
     {
-        ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+        ServerCertificateContext = SslStreamCertificateContext.Create(
+            X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+            X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
     },
     multiplexedServerTransport: new QuicServerTransport(),
     logger: loggerFactory.CreateLogger<Server>());
@@ -33,7 +36,9 @@
     router,
     new SslServerAuthenticationOptions
     {
-        ServerCertificate = new X509Certificate2("../../../../certs/server.p12")
+        ServerCertificateContext = SslStreamCertificateContext.Create(
+            X509CertificateLoader.LoadPkcs12FromFile(certificatePath, password: null),
+            X509CertificateLoader.LoadPkcs12CollectionFromFile(certificatePath, password: null))
     },
     logger: loggerFactory.CreateLogger<Server>());
 

diff --git a/examples/slice/TcpFallback/Server/Server.csproj b/examples/slice/TcpFallback/Server/Server.csproj
@@ -10,6 +10,12 @@
     <!-- Enable preview features to use the QUIC transport -->
     <EnablePreviewFeatures>True</EnablePreviewFeatures>
   </PropertyGroup>
+
+  <!-- Required for X509CertificateLoader with .NET 8-->
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" Version="9.0.0-preview.*" />
+  </ItemGroup>
+
   <ItemGroup>
     <SliceFile Include="../slice/Greeter.slice" />
     <PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.*" />