Show fwlink on certificate errors (#83).

Author: Cesar Blum Silveira

samples/AppSettings/Program.cs

@@ -13,7 +13,7 @@ public static void Main(string[] args)
         {
             using (WebHost.Start(context => context.Response.WriteAsync("Hello, World!")))
             {
-                Console.WriteLine("Running application: Press any key to shutdown...");
+                Console.WriteLine("Running application: Press any key to shutdown.");
                 Console.ReadKey();
             }
         }

src/Microsoft.AspNetCore/CertificateConfigurationException.cs

@@ -0,0 +1,15 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+
+namespace Microsoft.AspNetCore
+{
+    internal class CertificateConfigurationException : Exception
+    {
+        public CertificateConfigurationException(string message)
+            : base(message + ". For information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.")
+        {
+        }
+    }
+}

src/Microsoft.AspNetCore/CertificateLoader.cs

@@ -99,7 +99,7 @@ private X509Certificate2 LoadSingle(string certificateName)
 
             if (!certificateConfiguration.Exists())
             {
-                throw new InvalidOperationException($"No certificate named {certificateName} found in configuration");
+                throw new CertificateConfigurationException($"No certificate named {certificateName} found in configuration for the current environment");
             }
 
             return LoadSingle(certificateConfiguration);
@@ -119,7 +119,7 @@ private X509Certificate2 LoadSingle(IConfigurationSection certificateConfigurati
                     certificateSource = new CertificateStoreSource(_certificateStoreLoader);
                     break;
                 default:
-                    throw new InvalidOperationException($"Invalid certificate source kind: {sourceKind}");
+                    throw new CertificateConfigurationException($"Invalid certificate source kind: {sourceKind}");
             }
 
             certificateConfiguration.Bind(certificateSource);
@@ -163,7 +163,7 @@ public override X509Certificate2 Load()
 
                 if (error != null)
                 {
-                    throw error;
+                    throw new CertificateConfigurationException($"Unable to load certificate from file '{Path}': {error.Message}");
                 }
 
                 return certificate;
@@ -203,7 +203,7 @@ public override X509Certificate2 Load()
             {
                 if (!Enum.TryParse(StoreLocation, ignoreCase: true, result: out StoreLocation storeLocation))
                 {
-                    throw new InvalidOperationException($"Invalid store location: {StoreLocation}");
+                    throw new CertificateConfigurationException($"Invalid certificate store location: {StoreLocation}");
                 }
 
                 return _certificateStoreLoader.Load(Subject, StoreName, storeLocation, !AllowInvalid);

src/Microsoft.AspNetCore/KestrelServerOptionsSetup.cs

@@ -63,7 +63,7 @@ private void BindEndPoint(
 
                     if (certificate == null)
                     {
-                        throw new InvalidOperationException($"Unable to load certificate for endpoint '{endPoint.Key}'");
+                        throw new CertificateConfigurationException($"Unable to load certificate for endpoint '{endPoint.Key}'");
                     }
 
                     listenOptions.UseHttps(certificate);

test/Microsoft.AspNetCore.FunctionalTests/CertificateLoaderTests.cs

@@ -64,7 +64,7 @@ public void Throws_SingleCertificateName_File_KeyNotFound()
                 Mock.Of<ICertificateFileLoader>(),
                 Mock.Of<ICertificateStoreLoader>());
 
-            var exception = Assert.Throws<InvalidOperationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
             Assert.Equal("No certificate named Certificate2 found in configuration", exception.Message);
         }
 
@@ -81,19 +81,18 @@ public void Throws_SingleCertificateName_File_FileNotFound()
                 })
                 .Build();
 
-            var exception = new Exception();
-
             var certificateFileLoader = new Mock<ICertificateFileLoader>();
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate1.pfx", "Password1", It.IsAny<X509KeyStorageFlags>()))
-                .Callback(() => throw exception);
+                .Callback(() => throw new Exception(nameof(Throws_SingleCertificateName_File_FileNotFound)));
 
             var certificateLoader = new CertificateLoader(
                 configuration.GetSection("Certificates"),
                 certificateFileLoader.Object,
                 Mock.Of<ICertificateStoreLoader>());
 
-            Assert.Same(exception, Assert.Throws<Exception>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate"))));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            Assert.Equal($"Failed to load certificate from file 'Certificate1.pfx': {nameof(Throws_SingleCertificateName_File_FileNotFound)}", exception.Message);
         }
 
         [Fact]
@@ -147,7 +146,7 @@ public void Throws_SingleCertificateName_Store_KeyNotFound()
                 Mock.Of<ICertificateFileLoader>(),
                 Mock.Of<ICertificateStoreLoader>());
 
-            var exception = Assert.Throws<InvalidOperationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
             Assert.Equal("No certificate named Certificate2 found in configuration", exception.Message);
         }
 
@@ -256,7 +255,7 @@ public void Throws_MultipleCertificateNames_File_KeyNotFound(string certificateN
                 certificateFileLoader.Object,
                 Mock.Of<ICertificateStoreLoader>());
 
-            var exception = Assert.Throws<InvalidOperationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
             Assert.Equal("No certificate named NotFound found in configuration", exception.Message);
         }
 
@@ -279,22 +278,22 @@ public void Throws_MultipleCertificateNames_File_FileNotFound(string certificate
                 .Build();
 
             var certificate1 = new X509Certificate2();
-            var exception = new Exception();
 
             var certificateFileLoader = new Mock<ICertificateFileLoader>();
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate1.pfx", "Password1", It.IsAny<X509KeyStorageFlags>()))
                 .Returns(certificate1);
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate2.pfx", "Password2", It.IsAny<X509KeyStorageFlags>()))
-                .Throws(exception);
+                .Throws(new Exception(nameof(Throws_MultipleCertificateNames_File_FileNotFound)));
 
             var certificateLoader = new CertificateLoader(
                 configuration.GetSection("Certificates"),
                 certificateFileLoader.Object,
                 Mock.Of<ICertificateStoreLoader>());
 
-            Assert.Same(exception, Assert.Throws<Exception>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate"))));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            Assert.Equal($"Failed to load certificate from file 'Certificate2.pfx': {nameof(Throws_MultipleCertificateNames_File_FileNotFound)}", exception.Message);
         }
 
         [Fact]
@@ -377,7 +376,7 @@ public void Throws_MultipleCertificateNames_Store_KeyNotFound(string certificate
                 Mock.Of<ICertificateFileLoader>(),
                 certificateStoreLoader.Object);
 
-            var exception = Assert.Throws<InvalidOperationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
             Assert.Equal("No certificate named NotFound found in configuration", exception.Message);
         }
 
@@ -509,7 +508,7 @@ public void Throws_MultipleCertificateNames_FileAndStore_KeyNotFound(string cert
                 certificateFileLoader.Object,
                 certificateStoreLoader.Object);
 
-            var exception = Assert.Throws<InvalidOperationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
             Assert.Equal("No certificate named NotFound found in configuration", exception.Message);
         }
 
@@ -532,13 +531,12 @@ public void Throws_MultipleCertificateNames_FileAndStore_FileNotFound(string cer
                 })
                 .Build();
 
-            var exception = new Exception();
             var storeCertificate = new X509Certificate2();
 
             var certificateFileLoader = new Mock<ICertificateFileLoader>();
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate1.pfx", "Password1", It.IsAny<X509KeyStorageFlags>()))
-                .Throws(exception);
+                .Throws(new Exception(nameof(Throws_MultipleCertificateNames_FileAndStore_FileNotFound)));
 
             var certificateStoreLoader = new Mock<ICertificateStoreLoader>();
             certificateStoreLoader
@@ -550,7 +548,8 @@ public void Throws_MultipleCertificateNames_FileAndStore_FileNotFound(string cer
                 certificateFileLoader.Object,
                 certificateStoreLoader.Object);
 
-            Assert.Same(exception, Assert.Throws<Exception>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate"))));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            Assert.Equal($"Failed to load certificate from file 'Certificate1.pfx': {nameof(Throws_MultipleCertificateNames_FileAndStore_FileNotFound)}", exception.Message);
         }
 
         [Theory]
@@ -638,19 +637,18 @@ public void Throws_SingleCertificateInline_FileNotFound()
                 })
                 .Build();
 
-            var exception = new Exception();
-
             var certificateFileLoader = new Mock<ICertificateFileLoader>();
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate1.pfx", "Password1", It.IsAny<X509KeyStorageFlags>()))
-                .Throws(exception);
+                .Throws(new Exception(nameof(Throws_SingleCertificateInline_FileNotFound)));
 
             var certificateLoader = new CertificateLoader(
                 null,
                 certificateFileLoader.Object,
                 Mock.Of<ICertificateStoreLoader>());
 
-            Assert.Same(exception, Assert.Throws<Exception>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate"))));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificate")));
+            Assert.Equal($"Failed to load certificate from file 'Certificate1.pfx': {nameof(Throws_SingleCertificateInline_FileNotFound)}", exception.Message);
             certificateFileLoader.VerifyAll();
         }
 
@@ -764,22 +762,22 @@ public void Throws_MultipleCertificatesInline_File_FileNotFound()
                 .Build();
 
             var certificate1 = new X509Certificate2();
-            var exception = new Exception();
 
             var certificateFileLoader = new Mock<ICertificateFileLoader>();
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate1.pfx", "Password1", It.IsAny<X509KeyStorageFlags>()))
                 .Returns(certificate1);
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate2.pfx", "Password2", It.IsAny<X509KeyStorageFlags>()))
-                .Throws(exception);
+                .Throws(new Exception(nameof(Throws_MultipleCertificatesInline_File_FileNotFound)));
 
             var certificateLoader = new CertificateLoader(
                 null,
                 certificateFileLoader.Object,
                 Mock.Of<ICertificateStoreLoader>());
 
-            Assert.Same(exception, Assert.Throws<Exception>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificates"))));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificates")));
+            Assert.Equal($"Failed to load certificate from file 'Certificate2.pfx': {nameof(Throws_MultipleCertificatesInline_File_FileNotFound)}", exception.Message);
         }
 
         [Fact]
@@ -937,13 +935,12 @@ public void Throws_MultipleCertificatesInline_FileAndStore_FileNotFound()
                 })
                 .Build();
 
-            var exception = new Exception();
             var certificate = new X509Certificate2();
 
             var certificateFileLoader = new Mock<ICertificateFileLoader>();
             certificateFileLoader
                 .Setup(loader => loader.Load("Certificate1.pfx", "Password1", It.IsAny<X509KeyStorageFlags>()))
-                .Throws(exception);
+                .Throws(new Exception(nameof(Throws_MultipleCertificatesInline_FileAndStore_FileNotFound)));
 
             var certificateStoreLoader = new Mock<ICertificateStoreLoader>();
             certificateStoreLoader
@@ -955,7 +952,8 @@ public void Throws_MultipleCertificatesInline_FileAndStore_FileNotFound()
                 certificateFileLoader.Object,
                 certificateStoreLoader.Object);
 
-            Assert.Same(exception, Assert.Throws<Exception>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificates"))));
+            var exception = Assert.Throws<CertificateConfigurationException>(() => certificateLoader.Load(configuration.GetSection("TestConfig:Certificates")));
+            Assert.Equal($"Failed to load certificate from file 'Certificate1.pfx': {nameof(Throws_MultipleCertificatesInline_FileAndStore_FileNotFound)}", exception.Message);
         }
 
         [Fact]