MesAuth.SslTrustHelper 1.0.4

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet add package MesAuth.SslTrustHelper --version 1.0.4
                    


                    

                
NuGet\Install-Package MesAuth.SslTrustHelper -Version 1.0.4
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="MesAuth.SslTrustHelper" Version="1.0.4" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="MesAuth.SslTrustHelper" Version="1.0.4" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="MesAuth.SslTrustHelper" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add MesAuth.SslTrustHelper --version 1.0.4
                    


                    

                
#r "nuget: MesAuth.SslTrustHelper, 1.0.4"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package MesAuth.SslTrustHelper@1.0.4
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=MesAuth.SslTrustHelper&version=1.0.4
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=MesAuth.SslTrustHelper&version=1.0.4
                    


                            Install as a Cake Tool

MesAuth.SslTrustHelper

SSL trust helper for self-signed server certificates used in MES applications. Supports multiple trusted domains.

Overview

Provides validated, thumbprint-based SSL trust for self-signed certificates — replacing blanket (_, _, _, _) => true callbacks with proper certificate pinning that auto-saves on first connection.

Usage

Register trusted domains

using MesAuth.SslTrust;

// Single domain
SslTrustHelper.AddTrustedDomains("domain.com");

// Multiple domains in one call
SslTrustHelper.AddTrustedDomains("domain1.com", "domain2.com");

// Certs stored as:
//   {appDir}/domain1.cer
//   {appDir}/domain2.cer

Wire up to HttpClient

var handler = new SocketsHttpHandler
{
    SslOptions = new SslClientAuthenticationOptions
    {
        RemoteCertificateValidationCallback = SslTrustHelper.ValidateCertificate
    }
};

Trust Logic

Checked against all registered domains in order:

Condition Result
OS-trusted certificate (CA-signed) ✅ Allow
Thumbprint matches a saved .cer ✅ Allow
Same subject/CN, new thumbprint (cert renewed) ✅ Allow + auto-save new cert
Domain registered, no .cer yet, subject contains domain name ✅ Allow + auto-save (first connection)
No domain matches ❌ Reject

Behavior

  • First startup: no .cer file exists → cert auto-trusted and saved when the subject CN matches the registered domain
  • Normal startup: .cer loaded at startup, validated by thumbprint on each request
  • Cert renewal: same CN detected → new cert auto-saved, old thumbprint replaced
  • CA-signed cert: SslPolicyErrors.None → always trusted without a file
  • Multiple domains: each domain maintains its own .cer file independently

Certificate files

Certs are always stored in the application's base directory (AppDomain.CurrentDomain.BaseDirectory) as {domain}.cer. No configuration needed.

Logging

Uses Serilog when available (detected via reflection), falls back to Console.WriteLine. No hard Serilog dependency.

Requirements

  • .NET 8, .NET 9, or .NET 10
Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 is compatible.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

  • net10.0

    • No dependencies.

  • net8.0

    • No dependencies.

  • net9.0

    • No dependencies.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on MesAuth.SslTrustHelper:

Package Downloads
MesAuth.Authorizer

Mes authorizer is middle-ware to verify authencation of MesAuth service

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.4 158 2/20/2026
1.0.3 126 2/20/2026
1.0.2 82 2/20/2026
1.0.1 120 2/19/2026
1.0.0 79 2/19/2026