//
// Licensed to the Apache Software Foundation (ASF) under one or more
// contributor license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright ownership.
// The ASF licenses this file to You under the Apache License, Version 2.0
// (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// .Net StockTrader Sample WCF Application for Benchmarking, Performance Analysis and Design Considerations for Service-Oriented Applications
//======================================================================================================
// This is the Order Processor Service Custom Certificate validator. It utilizes the provide base class,
// CustomCertificateValidator, that comes with Config Service. This base class uses a list of thumbprints
// for valid certificates we want to accept for clients connecting with client certificates to the secured
// message security mode endpoint. See the StockTrader Setup and Configuration Guide for details. You
// must override the base method getAllowedThumbprints and provide your custom list, per below. For OPS,
// the only two certs that will be allowed are those that ship with the StockTrader sample.
//======================================================================================================
using System;
using System.Collections.Generic;
using System.Text;
using Trade.Utility;
namespace Trade.ConfigServiceImplementation
{
///
/// The Order Processor Service custom X.509 certificate validator, that uses the base class
/// provided with Configuration Service. This class is referenced in the config file, with the
/// OPS_M_Security_Behavior behavior configuration for the host exe.
///
public class CustomCertValidator : CustomCertificateValidator
{
///
/// Override to provide our list of valid cert thumbprints for the service.
///
///
protected override string[] getAllowedThumbprints()
{
List thumbprints = new List();
//This is the thumbprint for the BSLClient Certificate in the BSLClient.pfx file. Spaces should be removed.
thumbprints.Add("59d185eae27b5d89df9a90927353206cc89b8a1b");
//This is the thumbprint for the OPSHost Certificate in the OPSHost.pfx file. Spaces should be removed. We add
//this one as well for allowing the service certificate to be used when a node checks its own endpoints.
thumbprints.Add("fa0f58bb605fa43369e279e8f9088872fde09943");
return thumbprints.ToArray();
}
}
}