feat: read ssl pem/key path from env

Oliver Booth 2023-08-10 23:33:15 +01:00
parent e3702878cd
commit b2a7bf3536
Signed by: oliverbooth
GPG Key ID: 725DB725A0D9EE61


@ -1,3 +1,5 @@
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;
using Markdig; using Markdig;
using NLog; using NLog;
using NLog.Extensions.Logging; using NLog.Extensions.Logging;
@ -33,6 +35,36 @@ builder.Services.AddRazorPages().AddRazorRuntimeCompilation();
builder.Services.AddControllersWithViews(); builder.Services.AddControllersWithViews();
builder.Services.AddRouting(options => options.LowercaseUrls = true); builder.Services.AddRouting(options => options.LowercaseUrls = true);
builder.WebHost.UseKestrel(kestrel =>
{
string certPath = Environment.GetEnvironmentVariable("SSL_CERT_PATH")!;
if (!File.Exists(certPath))
{
kestrel.ListenAnyIP(5049);
return;
}
string? keyPath = Environment.GetEnvironmentVariable("SSL_KEY_PATH");
if (string.IsNullOrWhiteSpace(keyPath) || !File.Exists(keyPath)) keyPath = null;
kestrel.ListenAnyIP(2845, options =>
{
X509Certificate2 cert = CreateCertFromPemFile(certPath, keyPath);
options.UseHttps(cert);
});
return;
static X509Certificate2 CreateCertFromPemFile(string certPath, string? keyPath)
{
if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
return X509Certificate2.CreateFromPemFile(certPath, keyPath);
//workaround for windows issue https://github.com/dotnet/runtime/issues/23749#issuecomment-388231655
using var cert = X509Certificate2.CreateFromPemFile(certPath, keyPath);
return new X509Certificate2(cert.Export(X509ContentType.Pkcs12));
}
});
WebApplication app = builder.Build(); WebApplication app = builder.Build();
if (!app.Environment.IsDevelopment()) if (!app.Environment.IsDevelopment())
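Review bot: The `!File.Exists(certPath)` branch falls back to a cleartext listener on every interface (`kestrel.ListenAnyIP(5049)`) without logging anything, so an unset `SSL_CERT_PATH`, a typo in the path or an unmounted secret silently turns TLS off. If the plain-HTTP listener is only meant for local runs, fail closed elsewhere by adding `if (!builder.Environment.IsDevelopment()) throw new FileNotFoundException("SSL_CERT_PATH does not point to a certificate file", certPath);` before the fallback, or at least log a warning there. The `!` on `GetEnvironmentVariable("SSL_CERT_PATH")` also hides that the value is null when the variable is unset. `SSL_KEY_PATH` has a similar quiet path: a value that is set but points to a missing file is reset to null, after which `CreateFromPemFile` looks for the key inside the certificate file and fails with a less helpful error, so a log line naming the missing key path would help whoever is diagnosing the deployment.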