全平台自动安装证书

2021-07-18 02:49:17 +08:00 · 2021-07-18 02:49:17 +08:00 · e9439541c3
commit e9439541c3
parent c5d31f38bf
2 changed files with 21 additions and 24 deletions
--- a/FastGithub.ReverseProxy/KestrelServerOptionsExtensions.cs
+++ b/FastGithub.ReverseProxy/KestrelServerOptionsExtensions.cs
@ -64,25 +64,21 @@ namespace FastGithub
        /// <param name="logger"></param>
        private static void TryInstallCaCert(string caPublicCerPath, ILogger logger)
        {
-            if (OperatingSystem.IsWindows())
+            try
            {
-                try
+                var caCert = new X509Certificate2(caPublicCerPath);
                using var store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
                store.Open(OpenFlags.ReadWrite);
                if (store.Certificates.Find(X509FindType.FindByThumbprint, caCert.Thumbprint, true).Count == 0)
                {
-                    var caCert = new X509Certificate2(caPublicCerPath);
+                    store.Add(caCert);
-                    using var store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
+                    store.Close();
                    store.Open(OpenFlags.ReadWrite);
                    if (store.Certificates.Find(X509FindType.FindByThumbprint, caCert.Thumbprint, true).Count == 0)
                    {
                        store.Add(caCert);
                        store.Close();
                    }
                }
                catch (Exception)
                {
                    logger.LogWarning($"安装根证书{caPublicCerPath}失败：请手动安装到“将所有的证书都放入下载存储”\\“受信任的根证书颁发机构”");
                }
            }
            catch (Exception)
            {
                logger.LogWarning($"安装根证书{caPublicCerPath}失败：请手动安装到“将所有的证书都放入下载存储”\\“受信任的根证书颁发机构”");
            }
        }
    }
 }
--- a/FastGithub.ReverseProxy/ReverseProxyMiddleware.cs
+++ b/FastGithub.ReverseProxy/ReverseProxyMiddleware.cs
@ -47,18 +47,19 @@ namespace FastGithub.ReverseProxy
                    error = ForwarderError.NoAvailableDestinations.ToString(),
                    message = $"不支持https反向代理{host}这个域名"
                });
                return;
            }
            else
            {
                var destinationPrefix = GetDestinationPrefix(host, domainConfig.Destination);
                var requestConfig = new ForwarderRequestConfig { Timeout = domainConfig.Timeout };
-            var destinationPrefix = GetDestinationPrefix(host, domainConfig.Destination);
+                var httpClient = domainConfig.TlsSni
-            var requestConfig = new ForwarderRequestConfig { Timeout = domainConfig.Timeout };
+                   ? new HttpMessageInvoker(this.sniHttpClientHanlder, disposeHandler: false)
                   : new HttpMessageInvoker(this.noSniHttpClientHanlder, disposeHandler: false);
-            var httpClient = domainConfig.TlsSni
+                var error = await httpForwarder.SendAsync(context, destinationPrefix, httpClient, requestConfig);
-               ? new HttpMessageInvoker(this.sniHttpClientHanlder, disposeHandler: false)
+                await ResponseErrorAsync(context, error);
-               : new HttpMessageInvoker(this.noSniHttpClientHanlder, disposeHandler: false);
+            }
            var error = await httpForwarder.SendAsync(context, destinationPrefix, httpClient, requestConfig);
            await ResponseErrorAsync(context, error);
        }
        /// <summary>