The gateway will trust self-signed CA

2025-07-20 17:06:20 +08:00
parent 608414bfda
commit b298465d70


@@ -1,5 +1,6 @@
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using DysonNetwork.Shared.Registry; using DysonNetwork.Shared.Registry;
using Microsoft.AspNetCore.Http.Timeouts;
using Yarp.ReverseProxy.Configuration; using Yarp.ReverseProxy.Configuration;
namespace DysonNetwork.Gateway.Startup; namespace DysonNetwork.Gateway.Startup;
@@ -9,7 +10,21 @@ public static class ServiceCollectionExtensions
public static IServiceCollection AddGateway(this IServiceCollection services, IConfiguration configuration) public static IServiceCollection AddGateway(this IServiceCollection services, IConfiguration configuration)
{ {
services.AddRequestTimeouts(); services.AddRequestTimeouts();
services.AddReverseProxy();
services
.AddReverseProxy()
.ConfigureHttpClient((context, handler) =>
{
var caCert = X509CertificateLoader.LoadCertificateFromFile(configuration["CaCert"]!);
handler.SslOptions = new SslClientAuthenticationOptions
{
RemoteCertificateValidationCallback = (sender, cert, chain, errors) =>
{
return chain.ChainElements
.Any(e => e.Certificate.Thumbprint == caCert.Thumbprint);
}
};
});
services.AddRegistryService(configuration); services.AddRegistryService(configuration);
services.AddSingleton<IProxyConfigProvider, RegistryProxyConfigProvider>(); services.AddSingleton<IProxyConfigProvider, RegistryProxyConfigProvider>();
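Review bot: The `RemoteCertificateValidationCallback` added inside `ConfigureHttpClient` never consults `errors` and returns true whenever any chain element's thumbprint equals the configured CA's, so a hostname mismatch (`RemoteCertificateNameMismatch`) or an expired certificate is accepted as long as that CA appears in the chain; any certificate issued under the CA would then be accepted for any backend. `chain` is also nullable in this delegate and is dereferenced without a check. Since the hunk already relies on `X509CertificateLoader`, the CA can instead be pinned with a custom-root `X509ChainPolicy` assigned to `SslOptions.CertificateChainPolicy`, which leaves chain building, name matching and validity checks to the runtime. The `NoCheck` revocation mode below is an assumption for a private CA without CRL/OCSP endpoints and should be chosen deliberately. `AddGateway` continues outside the hunk.

```csharp
.ConfigureHttpClient((context, handler) =>
{
    var caCert = X509CertificateLoader.LoadCertificateFromFile(configuration["CaCert"]!);

    // Trust only the configured CA as a root; the system store is not consulted.
    var chainPolicy = new X509ChainPolicy
    {
        TrustMode = X509ChainTrustMode.CustomRootTrust,
        // Assumption: the private CA publishes no CRL/OCSP; switch to Online if it does.
        RevocationMode = X509RevocationMode.NoCheck,
    };
    chainPolicy.CustomTrustStore.Add(caCert);

    // No validation callback: the default validation still rejects name mismatches,
    // expired certificates and chains that do not terminate in caCert.
    handler.SslOptions.CertificateChainPolicy = chainPolicy;
});
// … unchanged: AddRegistryService / AddSingleton registrations …
```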