Share via


HttpsConnectionAdapterOptions Class

Definition

Settings for how Kestrel should handle HTTPS connections.

public ref class HttpsConnectionAdapterOptions
public class HttpsConnectionAdapterOptions
type HttpsConnectionAdapterOptions = class
Public Class HttpsConnectionAdapterOptions
Inheritance
HttpsConnectionAdapterOptions

Constructors

HttpsConnectionAdapterOptions()

Initializes a new instance of HttpsConnectionAdapterOptions.

Properties

CheckCertificateRevocation

Specifies whether the certificate revocation list is checked during authentication.

ClientCertificateMode

Specifies the client certificate requirements for a HTTPS connection. Defaults to NoCertificate.

ClientCertificateValidation

Specifies a callback for additional client certificate validation that will be invoked during authentication. This will be ignored if AllowAnyClientCertificate() is called after this callback is set.

HandshakeTimeout

Specifies the maximum amount of time allowed for the TLS/SSL handshake. This must be positive or InfiniteTimeSpan. Defaults to 10 seconds.

OnAuthenticate

Provides direct configuration of the SslServerAuthenticationOptions on a per-connection basis. This is called after all of the other settings have already been applied.

ServerCertificate

Specifies the server certificate information presented when an https connection is initiated. This is ignored if ServerCertificateSelector is set.

If the server certificate has an Extended Key Usage extension, the usages must include Server Authentication (OID 1.3.6.1.5.5.7.3.1).

ServerCertificateChain

Specifies the full server certificate chain presented when an https connection is initiated

ServerCertificateSelector

A callback that will be invoked to dynamically select a server certificate. This is higher priority than ServerCertificate. If SNI is not available then the name parameter will be null. The ConnectionContext will be null for HTTP/3 connections.

If the server certificate has an Extended Key Usage extension, the usages must include Server Authentication (OID 1.3.6.1.5.5.7.3.1).

SslProtocols

Specifies allowable SSL protocols. Defaults to None which allows the operating system to choose the best protocol to use, and to block protocols that are not secure. Unless your app has a specific reason not to, you should use this default.

Methods

AllowAnyClientCertificate()

Overrides the current ClientCertificateValidation callback and allows any client certificate.

Applies to