Description
Is there an existing issue for this?
- I have searched the existing issues
Is your feature request related to a problem? Please describe the problem.
I am trying to apply the HTTPS certificate stored in Azure KeyVault with Krestel server using KeyVault Configuration Provider. By KeyVault Configuration Provider, certificates could be retrieved as secrets in base64-pfx format, while Krestel configuration does not support passing the base64 pfx content directly. Now I have to do either:
Suppose I store the certificate in Azure KeyVault with name Krestel--Certificates--Default--Content
// Program.cs
File.WriteAllBytes("https.pfx", Convert.FromBase64String(builder.Configuration["Krestel:Certiticates:Default:Content"]));{
"//": "appsettings.json",
"Krestel": {
"Certificates": {
"Default": {
"Path": "https.pfx"
}
}
}
}or
// Program.cs
builder.Services.Configure<KestrelServerOptions>(options =>
{
options.ConfigureHttpsDefaults(httpsOptions =>
{
httpsOptions.ServerCertificate = new(Convert.FromBase64String(builder.Configuration["Krestel:Certificates:Default:Content"]));
});
});Describe the solution you'd like
It will be great if we can directly support the key like Krestel:Certificates:Default:Content with base64 encoded pfx format. This will make we migrate from http to https with certs in Azure KeyVault more smoothly - no need to change the code and recompile or write some preprocesses to download the cert to local, just add some fields to configuration and all set.
Additional context
No response