1 // Licensed to the .NET Foundation under one or more agreements. 2 // The .NET Foundation licenses this file to you under the MIT license. 3 // See the LICENSE file in the project root for more information. 4 5 using System.Collections.Generic; 6 using System.Security.Authentication; 7 using System.Security.Cryptography.X509Certificates; 8 9 namespace System.Net.Security 10 { 11 public class SslServerAuthenticationOptions 12 { 13 private X509RevocationMode _checkCertificateRevocation = X509RevocationMode.NoCheck; 14 private SslProtocols _enabledSslProtocols = SecurityProtocol.SystemDefaultSecurityProtocols; 15 private EncryptionPolicy _encryptionPolicy = EncryptionPolicy.RequireEncryption; 16 private bool _allowRenegotiation = true; 17 18 internal RemoteCertValidationCallback _certValidationDelegate; 19 20 public bool AllowRenegotiation 21 { 22 get => _allowRenegotiation; 23 set => _allowRenegotiation = value; 24 } 25 26 public bool ClientCertificateRequired { get; set; } 27 28 public List<SslApplicationProtocol> ApplicationProtocols { get; set; } 29 30 public RemoteCertificateValidationCallback RemoteCertificateValidationCallback { get; set; } 31 32 public X509Certificate ServerCertificate { get; set; } 33 34 public SslProtocols EnabledSslProtocols 35 { 36 get => _enabledSslProtocols; 37 set => _enabledSslProtocols = value; 38 } 39 40 public X509RevocationMode CertificateRevocationCheckMode 41 { 42 get => _checkCertificateRevocation; 43 set 44 { 45 if (value != X509RevocationMode.NoCheck && value != X509RevocationMode.Offline && value != X509RevocationMode.Online) 46 { 47 throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(X509RevocationMode)), nameof(value)); 48 } 49 50 _checkCertificateRevocation = value; 51 } 52 } 53 54 public EncryptionPolicy EncryptionPolicy 55 { 56 get => _encryptionPolicy; 57 set 58 { 59 if (value != EncryptionPolicy.RequireEncryption && value != EncryptionPolicy.AllowNoEncryption && value != EncryptionPolicy.NoEncryption) 60 { 61 throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(EncryptionPolicy)), nameof(value)); 62 } 63 64 _encryptionPolicy = value; 65 } 66 } 67 } 68 } 69 70