Certificate settings
Within system settings (appsettings.json) there are 2 certificates to be configured.
- Client Certificate, property
Client:Certificate
- Server SSL Certificate, property
Server:Endpoints:SslCertificate
General
Certificates can be loaded from .pfx files and windows certificate stores. If Path
is configured, concrii will try to load certificate from .pfx file. Otherwise, if StoreName
and StoreLocation
is configured, windows certificate store will be used.
Properties FindType
and FindValue
can be used for both options to identify the correct certificate.
Properties
Concrii instance client certificate: used for encrypting the configuration and for authentication to friends (Concrii instances).
Nested Object | Type | Description | Default |
---|---|---|---|
Path | string | Physical path (relative or absolute) to the .pfx file (certificate). | null |
Password | string | You can configure the password either here in cleartext (potential security breach) or specify it as an execution parameter when starting Concrii (password only after the executable). | null |
StoreName | string | Specify windows certifcate store to be seached within. Available values: My, Root, TrustedPeople, TrustedPublisher, AuthRoot, AddressBook, Disallowed. | null |
StoreLocation | string | Specify which location in the windows store to be seached within. Available values: CurrentUser, LocalMachine | null |
FindType | string | Specify by which attribute you want to find a certificate. Available values: FindByThumbprint, FindBySubjectName, FindBySubjectDistinguishedName, FindByIssuerName, FindByIssuerDistinguishedName, FindBySerialNumber, FindByTimeValid, FindByTimeNotYetValid, FindByTimeExpired, FindByTemplateName, FindByApplicationPolicy, FindByCertificatePolicy, FindByExtension, FindByKeyUsage, FindBySubjectKeyIdentifier. | null |
FindValue | string | Specify the value of FindType to be searched for within the specified certificate store location |
null |
Warning
Certificate settings StoreName
and StoreLocation
can be used on windows os, only.
Warning
If Path
and Password
properties are used to load a certificate, make sure to cipher Password
at any time. See Configuration overview for details.