Certificate settings
Within system settings (appsettings.json) there are 2 certificates to be configured.
- Client Certificate, property
Client:Certificate - Server SSL Certificate, property
Server:Endpoints:SslCertificate
General
Certificates can be loaded from .pfx files and windows certificate stores. If Path is configured, concrii will try to load certificate from .pfx file. Otherwise, if StoreName and StoreLocation is configured, windows certificate store will be used.
Properties FindType and FindValue can be used for both options to identify the correct certificate.
Properties
Concrii instance client certificate: used for encrypting the configuration and for authentication to friends (Concrii instances).
| Nested Object | Type | Description | Default |
|---|---|---|---|
| Path | string | Physical path (relative or absolute) to the .pfx file (certificate). | null |
| Password | string | You can configure the password either here in cleartext (potential security breach) or specify it as an execution parameter when starting Concrii (password only after the executable). | null |
| StoreName | string | Specify windows certifcate store to be seached within. Available values: My, Root, TrustedPeople, TrustedPublisher, AuthRoot, AddressBook, Disallowed. | null |
| StoreLocation | string | Specify which location in the windows store to be seached within. Available values: CurrentUser, LocalMachine | null |
| FindType | string | Specify by which attribute you want to find a certificate. Available values: FindByThumbprint, FindBySubjectName, FindBySubjectDistinguishedName, FindByIssuerName, FindByIssuerDistinguishedName, FindBySerialNumber, FindByTimeValid, FindByTimeNotYetValid, FindByTimeExpired, FindByTemplateName, FindByApplicationPolicy, FindByCertificatePolicy, FindByExtension, FindByKeyUsage, FindBySubjectKeyIdentifier. | null |
| FindValue | string | Specify the value of FindType to be searched for within the specified certificate store location |
null |
Warning
Certificate settings StoreName and StoreLocation can be used on windows os, only.
Warning
If Path and Password properties are used to load a certificate, make sure to cipher Password at any time. See Configuration overview for details.