Egov.Extensions.Configuration 10.0.4

Prefix Reserved
.NET 10.0 This package targets .NET 10.0. The package is compatible with this framework or higher. 
dotnet add package Egov.Extensions.Configuration --version 10.0.4
                    


                    

                
NuGet\Install-Package Egov.Extensions.Configuration -Version 10.0.4
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Egov.Extensions.Configuration" Version="10.0.4" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Egov.Extensions.Configuration" Version="10.0.4" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Egov.Extensions.Configuration" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Egov.Extensions.Configuration --version 10.0.4
                    


                    

                
#r "nuget: Egov.Extensions.Configuration, 10.0.4"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Egov.Extensions.Configuration@10.0.4
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Egov.Extensions.Configuration&version=10.0.4
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Egov.Extensions.Configuration&version=10.0.4
                    


                            Install as a Cake Tool

Egov.Extensions.Configuration

NuGet License: MIT

A .NET library that provides helpers for certificate loading and configuring IOptions<SystemCertificateOptions> in ASP.NET Core 10.0+ applications. It serves as a shared foundation for certificate management in services built on the eGov platform.

Table of Contents

Features

  • Load public certificates from CER/CRT files
  • Load private certificates from PFX/PKCS#12 files
  • Load certificates from Kubernetes TLS secrets (tls.crt / tls.key)
  • Load full certificate chains including intermediate certificates
  • Register certificates via ASP.NET Core Dependency Injection
  • TypeConverter support for binding certificates directly from configuration strings

Prerequisites

  • .NET 10.0 or later
  • A valid certificate file (PFX, CER, or PEM format)
  • Certificate password if the certificate is password-protected
  • For Kubernetes deployments: certificates mounted as TLS secrets with tls.crt and tls.key files

Installation

Install the package from NuGet:

dotnet add package Egov.Extensions.Configuration

Or via the Package Manager Console:

Install-Package Egov.Extensions.Configuration

Configuration

Add the following section to your appsettings.json:

{
  "Certificate": {
    "Path": "Files/Certificates/your-certificate.pfx",
    "Password": "your-certificate-password"
  }
}

Path can be:

  • A path to a PFX file (requires Password if encrypted)
  • A path to a CER/CRT file (public certificate only)
  • A path to a directory containing tls.crt and tls.key files (Kubernetes mounted secret)

Password is optional and only required for encrypted PFX files or encrypted PEM private keys.

Usage

Register the certificate in Program.cs:

builder.Services.AddSystemCertificate(builder.Configuration.GetSection("Certificate"));

Or configure it inline:

builder.Services.AddSystemCertificate(options =>
{
    options.Path = "Files/Certificates/your-certificate.pfx";
    options.Password = "your-certificate-password";
});

Then inject IOptions<SystemCertificateOptions> into your services:

public class MyService
{
    private readonly SystemCertificateOptions _certificateOptions;

    public MyService(IOptions<SystemCertificateOptions> certificateOptions)
    {
        _certificateOptions = certificateOptions.Value;
    }

    public void UseCertificate()
    {
        var certificate = _certificateOptions.Certificate;
        // Use the certificate...
    }
}

The SystemCertificateOptions also exposes IntermediateCertificates when the loaded certificate chain contains intermediate certificates.

Using CertificateLoader Directly

You can use the CertificateLoader static class without dependency injection.

Load a public certificate (CER/CRT):

var certificate = CertificateLoader.Public("path/to/certificate.cer");

Load a private certificate (PFX):

var certificate = CertificateLoader.Private("path/to/certificate.pfx", "password");

Load from a Kubernetes mounted secret:

var certificate = CertificateLoader.Private("/etc/ssl/certs/my-secret", null);

Load a full chain (certificate + intermediates):

var certificate = CertificateLoader.PrivateChain(
    "path/to/certificate.pfx",
    "password",
    out X509Certificate2Collection? intermediates);

Using CertificateConverter

CertificateConverter is a TypeConverter that allows binding an X509Certificate2 directly from a configuration string.

Register it once at application startup:

CertificateConverter.Register();

After registration, configuration strings are automatically converted:

  • "path/to/cert.cer" → loads a public certificate
  • "path/to/cert.pfx|password" → loads a private certificate (path and password separated by |)

Supported Certificate Formats

Format Description
PFX / PKCS#12 Password-protected certificate bundle with private key
CER / CRT Public certificate file (DER or PEM encoded)
PEM Certificate and key pair (tls.crt + tls.key), used with Kubernetes TLS secrets

Error Handling

Scenario Exception
Path is null or empty ArgumentException
File or directory not found ArgumentException
No certificate with private key found in PFX ArgumentException
Certificate could not be loaded (missing path and no direct assignment) InvalidOperationException
Loaded certificate does not contain a private key InvalidOperationException

Testing

The solution includes a dedicated test project Egov.Extensions.Configuration.Tests built with xUnit v3.

Test coverage

Test class What is covered
CertificateLoaderTests CertificateLoader.Public, Private, and PrivateChain — happy paths, null/empty/missing paths, PEM+key via directory
CertificateConverterTests CertificateConverter type conversion from config strings (CER path, PFX path with \| separator), error cases
SystemCertificateOptionsTests Default property values, property assignment, Dispose safety (null cert, double-dispose, intermediate certificates)
SystemCertificateOptionsPostConfigureTests Post-configure pipeline: loads certificate from path, validates private key presence, propagates intermediates
SystemCertificateExtensionsTests AddSystemCertificate DI extension — section binding and inline Action<> overload

Test certificates

The test project ships self-signed test certificates under TestCertificates/:

File Purpose
egov_library_test.pfx Password-protected PKCS#12 bundle (password: test)
egov_library_test.cer Public certificate (PEM)
egov_library_tes.key Private key (PEM)

These files are automatically copied to the build output directory by the project file and are not intended for production use.

Running the tests

dotnet test src/Egov.Extensions.Configuration.Tests

Or from the solution root:

dotnet test

Contributing

Contributions are welcome! Please read CONTRIBUTING.md for guidelines on how to get started.

Code of Conduct

This project adheres to the Contributor Covenant Code of Conduct. By participating, you are expected to uphold this code.

AI Assistance

This repository contains an AGENTS.md file with instructions and context for AI coding agents to assist in development, ensuring consistency in code style and project structure.

License

This project is licensed under the MIT License.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

  • net10.0

    • No dependencies.

NuGet packages (7)

Showing the top 5 NuGet packages that depend on Egov.Extensions.Configuration:

Package Downloads
Egov.Integrations.MPass.Saml

This package contains an authentication handler for MPass implementing SAML 2.0 protocol for ASP.NET Core.
Egov.Integrations.MSign.Soap

A reusable library to connect with MSign using SOAP protocol.
Egov.Integrations.MConnect.Events

This package contains services for easy integration of producers and consumers with MConnect Events.
Egov.Integrations.MNotify

A .NET client library for integrating with the MNotify service.
Egov.Integrations.MDocs

A high-performance C# library for easy integration with MDocs document management services.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
10.0.4 424 4/9/2026
8.0.3 1,069 12/12/2025

Initial public release.