dotnet/aspnetcore

Log HTTPs cert info on startup

Open

#4,759 opened on Feb 10, 2018

View on GitHub
 (10 comments) (2 reactions) (1 assignee)C# (10,653 forks)batch import
affected-very-fewarea-networkingenhancementfeature-kestrelhelp wantedseverity-nice-to-have

Repository metrics

Stars
 (37,933 stars)
PR merge metrics
 (Avg merge 16d 9h) (258 merged PRs in 30d)

Description

Kestrel logs endpoint when the server starts, but doesn't log which certificates were used. Now that Kestrel endpoints and certs can be configured from a file https://github.com/aspnet/KestrelHttpServer/pull/2186, it would be nice to show console info to help users identify if their config was correctly used.

Some ideas:

From store, show friendly name

Now listening on: https://localhost:5001
Using server certificate: "ASP.NET Core HTTPS development certificate" from cert:\CurrentUser\My

From store, show subject

Now listening on: https://localhost:5001
Using server certificate: CN=localhost, cert:\CurrentUser\My

From store, include more info like thumbprint

Now listening on: https://localhost:5001
Using server certificate: CN=localhost, cert:\CurrentUser\My, 52A477BBEDE8DFDEB699106D5FFB8FE89F9BF790

From file

Now listening on: https://localhost:5001
Using server certificate: C:\dev\test\cert.pfx

Multiple certs

Now listening on: https://localhost:5002
Using server certificate: C:\dev\test\cert2.pfx
Now listening on: https://localhost:5001
Using server certificate: C:\dev\test\cert1.pfx

Contributor guide