dotnet · antonfirsov · Mar 2, 2021 · Feb 26, 2021 · Feb 26, 2021 · Mar 1, 2021
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs
@@ -30,6 +30,10 @@ public abstract partial class HttpClientHandler_ServerCertificates_Test : HttpCl
 
         public HttpClientHandler_ServerCertificates_Test(ITestOutputHelper output) : base(output) { }
 
+        // This enables customizing ServerCertificateCustomValidationCallback in WinHttpHandler variants:
+        protected bool AllowAllHttp2Certificates { get; set; } = true;
+        protected new HttpClientHandler CreateHttpClientHandler() => CreateHttpClientHandler(UseVersion, allowAllHttp2Certificates: AllowAllHttp2Certificates);
+
         [Fact]
         public void Ctor_ExpectedDefaultValues()
         {
@@ -451,15 +455,19 @@ public void HttpClientUsesSslCertEnvironmentVariables()
             File.WriteAllText(sslCertFile, "");
             psi.Environment.Add("SSL_CERT_FILE", sslCertFile);
 
-            RemoteExecutor.Invoke(async (useVersionString) =>
+            RemoteExecutor.Invoke(async (useVersionString, allowAllHttp2CertificatesString) =>
             {
                 const string Url = "https://www.microsoft.com";
 
-                using (HttpClient client = CreateHttpClient(useVersionString))
+                HttpClientHandler handler = CreateHttpClientHandler(
+                    Version.Parse(useVersionString),
+                    allowAllHttp2Certificates: bool.Parse(allowAllHttp2CertificatesString));
+
+                using (HttpClient client = CreateHttpClient(handler, useVersionString))
                 {
                     await Assert.ThrowsAsync<HttpRequestException>(() => client.GetAsync(Url));
                 }
-            }, UseVersion.ToString(), new RemoteInvokeOptions { StartInfo = psi }).Dispose();
+            }, UseVersion.ToString(), AllowAllHttp2Certificates.ToString(), new RemoteInvokeOptions { StartInfo = psi }).Dispose();
         }
     }
 }
diff --git a/...Net.Http.WinHttpHandler/tests/FunctionalTests/HttpClientHandlerTestBase.WinHttpHandler.cs b/...Net.Http.WinHttpHandler/tests/FunctionalTests/HttpClientHandlerTestBase.WinHttpHandler.cs
@@ -10,15 +10,13 @@ public abstract partial class HttpClientHandlerTestBase : FileCleanupTestBase
     {
         protected static bool IsWinHttpHandler => true;
 
-        protected static bool AllowAllCertificates { get; set; } = true;
-
-        protected static WinHttpClientHandler CreateHttpClientHandler(Version useVersion = null)
+        protected static WinHttpClientHandler CreateHttpClientHandler(Version useVersion = null, bool allowAllHttp2Certificates = true)
         {
             useVersion ??= HttpVersion.Version11;
 
             WinHttpClientHandler handler = new WinHttpClientHandler(useVersion);
 
-            if (useVersion >= HttpVersion20.Value && AllowAllCertificates)
+            if (useVersion >= HttpVersion20.Value && allowAllHttp2Certificates)
             {
                 handler.ServerCertificateCustomValidationCallback = TestHelper.AllowAllCertificates;
             }

diff --git a/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/PlatformHandlerTest.cs b/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/PlatformHandlerTest.cs
@@ -277,7 +277,7 @@ public sealed class PlatformHandler_HttpClientHandler_ServerCertificates_Http2_T
         protected override Version UseVersion => HttpVersion20.Value;
 
         public PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test(ITestOutputHelper output) : base(output) {
-            AllowAllCertificates = false;
+            AllowAllHttp2Certificates = false;
         }
     }
 

diff --git a/...ies/System.Net.Http/tests/FunctionalTests/HttpClientHandlerTestBase.SocketsHttpHandler.cs b/...ies/System.Net.Http/tests/FunctionalTests/HttpClientHandlerTestBase.SocketsHttpHandler.cs
@@ -18,13 +18,13 @@ public abstract partial class HttpClientHandlerTestBase : FileCleanupTestBase
 
         public static bool IsMsQuicSupported => QuicImplementationProviders.MsQuic.IsSupported;
 
-        protected static HttpClientHandler CreateHttpClientHandler(Version useVersion = null, QuicImplementationProvider quicImplementationProvider = null)
+        protected static HttpClientHandler CreateHttpClientHandler(Version useVersion = null, QuicImplementationProvider quicImplementationProvider = null, bool allowAllHttp2Certificates = true)
         {
             useVersion ??= HttpVersion.Version11;
 
             HttpClientHandler handler = (PlatformDetection.SupportsAlpn && useVersion != HttpVersion.Version30) ? new HttpClientHandler() : new VersionHttpClientHandler(useVersion);
 
-            if (useVersion >= HttpVersion.Version20)
+            if (useVersion >= HttpVersion.Version20 && allowAllHttp2Certificates)
             {
                 handler.ServerCertificateCustomValidationCallback = TestHelper.AllowAllCertificates;
             }