feat: read ssl pem/key path from env

2023-08-10 23:33:15 +01:00 · 2023-08-10 23:33:15 +01:00 · b2a7bf3536
commit b2a7bf3536
parent e3702878cd
1 changed files with 32 additions and 0 deletions
--- a/OliverBooth/Program.cs
+++ b/OliverBooth/Program.cs
@ -1,3 +1,5 @@
+using System.Runtime.InteropServices;
+using System.Security.Cryptography.X509Certificates;
 using Markdig;
 using NLog;
 using NLog.Extensions.Logging;
@ -33,6 +35,36 @@ builder.Services.AddRazorPages().AddRazorRuntimeCompilation();
 builder.Services.AddControllersWithViews();
 builder.Services.AddRouting(options => options.LowercaseUrls = true);

+builder.WebHost.UseKestrel(kestrel =>
+{
+    string certPath = Environment.GetEnvironmentVariable("SSL_CERT_PATH")!;
+    if (!File.Exists(certPath))
+    {
+        kestrel.ListenAnyIP(5049);
+        return;
+    }
+
+    string? keyPath = Environment.GetEnvironmentVariable("SSL_KEY_PATH");
+    if (string.IsNullOrWhiteSpace(keyPath) || !File.Exists(keyPath)) keyPath = null;
+
+    kestrel.ListenAnyIP(2845, options =>
+    {
+        X509Certificate2 cert = CreateCertFromPemFile(certPath, keyPath);
+        options.UseHttps(cert);
+    });
+    return;
+
+    static X509Certificate2 CreateCertFromPemFile(string certPath, string? keyPath)
+    {
+        if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
+            return X509Certificate2.CreateFromPemFile(certPath, keyPath);
+
+        //workaround for windows issue https://github.com/dotnet/runtime/issues/23749#issuecomment-388231655
+        using var cert = X509Certificate2.CreateFromPemFile(certPath, keyPath);
+        return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));
+    }
+});
+
 WebApplication app = builder.Build();

 if (!app.Environment.IsDevelopment())