Add client certificate support (#862)

* Add client certificate support * Add missing test certificate file * Review fixes * Review fixes * Review fixes * Review fixes
2026-04-17 14:09:40 +02:00 · 2022-12-11 14:30:47 -05:00
parent 9606fee8cb
commit 9ed6a75384
18 changed files with 236 additions and 33 deletions
--- a/src/WireMock.Net/Owin/AspNetCoreSelfHost.NETStandard.cs
+++ b/src/WireMock.Net/Owin/AspNetCoreSelfHost.NETStandard.cs
@@ -2,9 +2,10 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Server.Kestrel.Core;
+using Microsoft.AspNetCore.Server.Kestrel.Https;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using WireMock.HttpsCertificate;
+using CertificateLoader = WireMock.HttpsCertificate.CertificateLoader;

 namespace WireMock.Owin
 {
@@ -26,21 +27,25 @@ namespace WireMock.Owin
                {
                    kestrelOptions.ListenAnyIP(urlDetail.Port, listenOptions =>
                    {
-                        if (wireMockMiddlewareOptions.CustomCertificateDefined)
+                        listenOptions.UseHttps(options =>
                        {
-                            listenOptions.UseHttps(CertificateLoader.LoadCertificate(
-                                wireMockMiddlewareOptions.X509StoreName,
-                                wireMockMiddlewareOptions.X509StoreLocation,
-                                wireMockMiddlewareOptions.X509ThumbprintOrSubjectName,
-                                wireMockMiddlewareOptions.X509CertificateFilePath,
-                                wireMockMiddlewareOptions.X509CertificatePassword,
-                                urlDetail.Host)
-                            );
-                        }
-                        else
-                        {
-                            listenOptions.UseHttps();
-                        }
+                            if (wireMockMiddlewareOptions.CustomCertificateDefined)
+                            {
+                                options.ServerCertificate = CertificateLoader.LoadCertificate(
+                                    wireMockMiddlewareOptions.X509StoreName,
+                                    wireMockMiddlewareOptions.X509StoreLocation,
+                                    wireMockMiddlewareOptions.X509ThumbprintOrSubjectName,
+                                    wireMockMiddlewareOptions.X509CertificateFilePath,
+                                    wireMockMiddlewareOptions.X509CertificatePassword,
+                                    urlDetail.Host);
+                            }
+
+                            options.ClientCertificateMode = (ClientCertificateMode) wireMockMiddlewareOptions.ClientCertificateMode;
+                            if (wireMockMiddlewareOptions.AcceptAnyClientCertificate)
+                            {
+                                options.ClientCertificateValidation = (_, _, _) => true;
+                            }
+                        });
                    });
                }
                else