Add strategy for storing ACME site certificate in OS X.509 store.#45
Merged
Add strategy for storing ACME site certificate in OS X.509 store.#45
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds an OS X.509 certificate-store–backed persistence option for the ACME site certificate (including private key), updates the persistence pipeline to use a new “persist full site cert” strategy API, and introduces integration tests validating OS-store behavior.
Changes:
- Added
CertificateStorePersistenceStrategyfor storing/retrieving the site certificate from the OS X.509 store. - Extended
ICertificatePersistenceStrategywithPersistSiteCertificate(X509Certificate2)and updatedPersistenceServiceto use it. - Added integration tests covering OS-store persistence, cleanup, and selection behavior.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/opencertserver.acme.aspnetclient.tests/SelfSignedCertificate.cs | Adds helper for generating self-signed certs with a custom subject for store-based tests. |
| tests/opencertserver.acme.aspnetclient.tests/CertificateStorePersistenceTests.cs | New integration tests for OS certificate store persistence behavior. |
| src/opencertserver.acme.aspnetclient/RegistrationExtensions.cs | Adds DI registration extension for OS-store persistence strategy. |
| src/opencertserver.acme.aspnetclient/Persistence/PersistenceService.cs | Switches site-certificate persistence to call strategy PersistSiteCertificate(...). |
| src/opencertserver.acme.aspnetclient/Persistence/ICertificatePersistenceStrategy.cs | Adds default interface method PersistSiteCertificate(...) for full-cert persistence. |
| src/opencertserver.acme.aspnetclient/Persistence/CertificateStorePersistenceStrategy.cs | New strategy implementing OS-store persistence/retrieval for the site certificate. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Use OS cert store for storing certificates