The HttpContext.Connection.ClientCertificate property will no longer trigger TLS renegotiations for HttpSys.
6.0
Old behavior
Setting HttpSysOptions.ClientCertificateMethod = ClientCertificateMethod.AllowRenegotation allowed renegotiation to be triggered by both HttpContext.Connection.ClientCertificate and HttpContext.Connection.GetClientCertificateAsync.
See aspnet/Announcements#422 for related changes in 5.0.
New behavior
Setting HttpSysOptions.ClientCertificateMethod = ClientCertificateMethod.AllowRenegotation will allow renegotiation to be triggered only by HttpContext.Connection.GetClientCertificateAsync. HttpContext.Connection.ClientCertificate will return the current certificate if available, but will not renegotiate with the client to request one.
When implementing the same features for Kestrel, it became clear that applications needed to be able to check the state of the client certificate before triggering a renegotiation. This enables the following usage pattern, which deals with issues like the request body conflicting with the renegotiation:
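    // ClientCertificate returns the current certificate, or null; it does not renegotiate.
    if (connection.ClientCertificate == null)
    {
        // Buffer the request body first so it cannot conflict with the renegotiation.
        await BufferRequestBodyAsync();
        // Explicitly trigger the renegotiation to request a certificate from the client.
        await connection.GetClientCertificateAsync();
    }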
Recommended action
Applications that use delayed client certificate negotiation need to call GetClientCertificateAsync() to trigger the renegotiation.
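The following added example, which is not code from the original announcement, applies the pattern in a .NET 6 minimal API hosted on HttpSys, so that an endpoint requiring a client certificate does not mistake a null ClientCertificate for a completed negotiation. The route /secure/upload, the 403 response and the returned JSON are assumptions made for illustration.

```csharp
// Added example, not from the original page. Assumes a .NET 6 web project
// (implicit usings enabled) running on Windows, where HttpSys is available.
using Microsoft.AspNetCore.Server.HttpSys;

var builder = WebApplication.CreateBuilder(args);

builder.WebHost.UseHttpSys(options =>
{
    // Permit delayed negotiation. The enum member is spelled this way in the API.
    options.ClientCertificateMethod = ClientCertificateMethod.AllowRenegotation;
});

var app = builder.Build();

// Hypothetical endpoint that must only be served to certificate-bearing clients.
app.MapPost("/secure/upload", async (HttpContext context) =>
{
    var connection = context.Connection;

    // In 6.0 this only reports the certificate already on the connection.
    // It returns null instead of renegotiating when none has been presented.
    var certificate = connection.ClientCertificate;

    if (certificate is null)
    {
        // Read the whole request body into a rewindable buffer first, so that
        // unread body data cannot conflict with the renegotiation.
        context.Request.EnableBuffering();
        await context.Request.Body.CopyToAsync(Stream.Null);
        context.Request.Body.Position = 0;

        // The only call that triggers renegotiation under the new behavior.
        certificate = await connection.GetClientCertificateAsync();
    }

    if (certificate is null)
    {
        // The client declined to present a certificate: fail closed.
        return Results.StatusCode(StatusCodes.Status403Forbidden);
    }

    // Certificate trust and authorization policy are application-specific
    // and are not shown here; presence alone is not an authorization decision.
    return Results.Ok(new { subject = certificate.Subject });
});

app.Run();
```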
Category
ASP.NET
Affected APIs
HttpSysOptions.ClientCertificateMethod
HttpContext.Connection.ClientCertificate
HttpContext.Connection.GetClientCertificateAsync