Add client certificate support (#862)

* Add client certificate support

* Add missing test certificate file

* Review fixes

* Review fixes

* Review fixes

* Review fixes

src/WireMock.Net.Abstractions/Admin/Settings/SettingsModel.cs

@@ -96,4 +96,16 @@ public class SettingsModel
     /// Default value = "All".
     /// </summary>
     public QueryParameterMultipleValueSupport? QueryParameterMultipleValueSupport { get; set; }
+
+#if NETSTANDARD1_3_OR_GREATER || NET461
+    /// <summary>
+    /// Server client certificate mode
+    /// </summary>
+    public ClientCertificateMode ClientCertificateMode { get; set; }
+
+    /// <summary>
+    /// Whether to accept any client certificate
+    /// </summary>
+    public bool AcceptAnyClientCertificate { get; set; }
+#endif
 }

src/WireMock.Net.Abstractions/IRequestMessage.cs

@@ -1,5 +1,8 @@
 using System;
 using System.Collections.Generic;
+#if NETSTANDARD1_3_OR_GREATER || NET461
+using System.Security.Cryptography.X509Certificates;
+#endif
 using WireMock.Types;
 using WireMock.Util;
 
@@ -134,4 +137,11 @@ public interface IRequestMessage
     /// Gets the origin
     /// </summary>
     string Origin { get; }
+
+#if NETSTANDARD1_3_OR_GREATER || NET461
+    /// <summary>
+    /// Gets the connection's client certificate
+    /// </summary>
+    X509Certificate2? ClientCertificate { get; }
+#endif
 }

src/WireMock.Net.Abstractions/Types/ClientCertificateMode.cs

@@ -0,0 +1,31 @@
+namespace WireMock.Types;
+
+#if NETSTANDARD1_3_OR_GREATER || NET461
+/// <summary>
+/// Describes the client certificate requirements for a HTTPS connection.
+/// This enum is the same as https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.server.kestrel.https.clientcertificatemode
+/// </summary>
+public enum ClientCertificateMode
+{
+    /// <summary>
+    /// A client certificate is not required and will not be requested from clients.
+    /// </summary>
+    NoCertificate,
+
+    /// <summary>
+    /// A client certificate will be requested; however, authentication will not fail if a certificate is not provided by the client.
+    /// </summary>
+    AllowCertificate,
+
+    /// <summary>
+    /// A client certificate will be requested, and the client must provide a valid certificate for authentication to succeed.
+    /// </summary>
+    RequireCertificate,
+
+    /// <summary>
+    /// A client certificate is not required and will not be requested from clients at the start of the connection.
+    /// It may be requested by the application later.
+    /// </summary>
+    DelayCertificate,
+}
+#endif

src/WireMock.Net.Abstractions/WireMock.Net.Abstractions.csproj

@@ -4,7 +4,7 @@
         <Description>Commonly used models, enumerations and types.</Description>
         <AssemblyTitle>WireMock.Net.Abstractions</AssemblyTitle>
         <Authors>Stef Heyenrath</Authors>
-        <TargetFrameworks>net45;net451;netstandard1.0;netstandard2.0;netstandard2.1</TargetFrameworks>
+        <TargetFrameworks>net45;net451;net461;netstandard1.0;netstandard1.3;netstandard2.0;netstandard2.1</TargetFrameworks>
         <GenerateDocumentationFile>true</GenerateDocumentationFile>
         <NoWarn>$(NoWarn);1591;8603</NoWarn>
         <AssemblyName>WireMock.Net.Abstractions</AssemblyName>
@@ -41,6 +41,16 @@
         </PackageReference>
     </ItemGroup>
 
+    <ItemGroup Condition="$(TargetFramework.StartsWith('netstandard')) and '$(TargetFramework)' != 'netstandard1.0'">
+      <PackageReference Include="System.Security.Cryptography.X509Certificates" Version="4.3.0" />
+    </ItemGroup>
+
+    <ItemGroup Condition="'$(TargetFramework)' == 'net461'">
+        <PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies.net46" Version="1.0.2">
+            <PrivateAssets>all</PrivateAssets>
+            <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+        </PackageReference>
+    </ItemGroup>
     <!--<ItemGroup Condition="'$(TargetFramework)' == 'net45'">
         <PackageReference Include="Nullable" Version="1.2.1">
             <PrivateAssets>all</PrivateAssets>