Add SHA-2 self-signed cert and use SecureString as password parameter

Wilson.sln

@@ -15,6 +15,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "certs", "certs", "{1751FD49
 		test\Certs\SelfSigned1024_SHA1.pfx = test\Certs\SelfSigned1024_SHA1.pfx
 		test\Certs\SelfSigned1024_SHA256.pfx = test\Certs\SelfSigned1024_SHA256.pfx
 		test\Certs\SelfSigned2048_SHA256.pfx = test\Certs\SelfSigned2048_SHA256.pfx
+		test\Certs\SelfSigned2048_SHA256_2.pfx = test\Certs\SelfSigned2048_SHA256_2.pfx
 		test\Certs\SelfSigned2048_SHA256_Public.cer = test\Certs\SelfSigned2048_SHA256_Public.cer
 		test\Certs\SelfSigned2048_SHA384.pfx = test\Certs\SelfSigned2048_SHA384.pfx
 		test\Certs\SelfSigned2048_SHA512.pfx = test\Certs\SelfSigned2048_SHA512.pfx

build/credscan-exclusion.json

@@ -1,61 +1,65 @@
 {
   "tool": "Credential Scanner",
-  "suppressions": [
-    {
-      "file": "SelfSigned1024_SHA1.pfx",
-      "_justification": "Self-signed certificate used by unit tests"
-    },
-    {
-      "file": "SelfSigned1024_SHA256.pfx",
-      "_justification": "Self-signed certificate used by unit tests."
-    },
-    {
-      "file": "SelfSigned2048_SHA256.pfx",
-      "_justification": "Self-signed certificate used by unit tests."
-    },
-    {
-      "file": "SelfSigned2048_SHA384.pfx",
-      "_justification": "Self-signed certificate used by unit tests."
-    },
-    {
-      "file": "SelfSigned2048_SHA512.pfx",
-      "_justification": "Self-signed certificate used by unit tests"
-    },
-    {
-      "file": "KeyingMaterial.cs",
-      "_justification": "Test contains password to load the two dummy valid_cert files excluded above"
-    },
-    {
-      "file": "JsonWebTokenHandlerTests.cs",
-      "_justification": "Test contains an access token that's used only for testing purposes."
-    },
-    {
-      "file": "OpenIdConnectParameterNames.cs",
-      "_justification": "One of the constants has value: 'client_secret' which triggers a CredScan issue."
-    },
-    {
-      "file": "ReferenceTokens.cs",
-      "_justification": "File contains tokens that are used only for testing purposes."
-    },
-    {
-      "file": "SignedHttpRequestTestUtils.cs",
-      "_justification": "File contains tokens that are used only for testing purposes."
-    },
-    {
-      "file": "JsonWebKeyTests.cs",
-      "_justification": "File contains tokens that are used only for testing purposes."
-    },
-    {
-      "file": "TestData.cs",
-      "_justification": "File contains tokens that are used only for testing purposes."
-    },
-    {
-      "file": "JwtSecurityTokenHandlerTests.cs",
-      "_justification": "File contains tokens that are used only for testing purposes."
-    },
-    {
-      "file": "References.cs",
-      "_justification": "File contains tokens that are used only for testing purposes."
-    }
-  ]
+    "suppressions": [
+        {
+            "file": "SelfSigned1024_SHA1.pfx",
+            "_justification": "Self-signed certificate used by unit tests"
+        },
+        {
+            "file": "SelfSigned1024_SHA256.pfx",
+            "_justification": "Self-signed certificate used by unit tests."
+        },
+        {
+            "file": "SelfSigned2048_SHA256.pfx",
+            "_justification": "Self-signed certificate used by unit tests."
+        },
+        {
+            "file": "SelfSigned2048_SHA256_2.pfx",
+            "_justification": "Self-signed certificate used by unit tests."
+        },
+        {
+            "file": "SelfSigned2048_SHA384.pfx",
+            "_justification": "Self-signed certificate used by unit tests."
+        },
+        {
+            "file": "SelfSigned2048_SHA512.pfx",
+            "_justification": "Self-signed certificate used by unit tests"
+        },
+        {
+            "file": "KeyingMaterial.cs",
+            "_justification": "Test contains password to load the two dummy valid_cert files excluded above"
+        },
+        {
+            "file": "JsonWebTokenHandlerTests.cs",
+            "_justification": "Test contains an access token that's used only for testing purposes."
+        },
+        {
+            "file": "OpenIdConnectParameterNames.cs",
+            "_justification": "One of the constants has value: 'client_secret' which triggers a CredScan issue."
+        },
+        {
+            "file": "ReferenceTokens.cs",
+            "_justification": "File contains tokens that are used only for testing purposes."
+        },
+        {
+            "file": "SignedHttpRequestTestUtils.cs",
+            "_justification": "File contains tokens that are used only for testing purposes."
+        },
+        {
+            "file": "JsonWebKeyTests.cs",
+            "_justification": "File contains tokens that are used only for testing purposes."
+        },
+        {
+            "file": "TestData.cs",
+            "_justification": "File contains tokens that are used only for testing purposes."
+        },
+        {
+            "file": "JwtSecurityTokenHandlerTests.cs",
+            "_justification": "File contains tokens that are used only for testing purposes."
+        },
+        {
+            "file": "References.cs",
+            "_justification": "File contains tokens that are used only for testing purposes."
+        }
+    ]
 }