self-sign certificate if not exists before benchmark

Author: DeagleGross

src/BenchmarksApps/TLS/HttpSys/NetShWrapper.cs

@@ -81,6 +81,33 @@ public static void SetTestCertBinding(string ipPort, bool enableClientCertNegoti
             Console.WriteLine("Configured binding for testCert for http.sys");
         }
 
+        public static bool TrySelfSignCertificate(string ipPort, out string certThumbprint)
+        {
+            certThumbprint = string.Empty;
+            try
+            {
+                // Extract the IP address from ipPort
+                string ipAddress = ipPort.Split(':')[0];
+
+                // Generate a self-signed certificate using PowerShell
+                string command = $"New-SelfSignedCertificate -CertStoreLocation cert:\\LocalMachine\\My -DnsName {ipAddress}";
+                string output = ExecutePowershellCommand(command);
+
+                // Extract the thumbprint from the output
+                var lines = output.Split("\r\n", StringSplitOptions.RemoveEmptyEntries);
+                var lastLine = lines[^1];
+                certThumbprint = lastLine.Split(" ", StringSplitOptions.RemoveEmptyEntries)[0];
+
+                Console.WriteLine($"Self-signed certificate for {ipAddress}");
+                return true;
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine("Failed to self-sign the certificate: " + ex.Message);
+                return false;
+            }
+        }
+
         public static void SetCertBinding(string ipPort, string certThumbprint, string appId = null, bool enableClientCertNegotiation = false)
         {
             var negotiateClientCert = enableClientCertNegotiation ? "enable" : "disable";
@@ -90,8 +117,12 @@ public static void SetCertBinding(string ipPort, string certThumbprint, string a
             }
             string command = $"http add sslcert ipport={ipPort} certstorename=MY certhash={certThumbprint} appid={{{appId}}} clientcertnegotiation={negotiateClientCert}";
             ExecuteNetShCommand(command);
+            Console.WriteLine($"Performed cert bindign for {ipPort}");
         }
 
+        private static string ExecutePowershellCommand(string command, bool alwaysLogOutput = false)
+            => ExecuteCommand("powershell.exe", command, alwaysLogOutput);
+
         private static string ExecuteNetShCommand(string command, bool alwaysLogOutput = false)
             => ExecuteCommand("netsh", command, alwaysLogOutput);
 

src/BenchmarksApps/TLS/HttpSys/Program.cs

@@ -20,8 +20,12 @@
 // existing netsh bindings to restore after the benchmark run
 if (!NetShWrapper.BindingExists(httpsIpPort, out var originalCertThumbprint, out var originalAppId))
 {
-    Console.WriteLine("WARNING: no binding existed...");
-    throw new ApplicationException($"SslCert binding should exist for '{httpsIpPort}' before. Infrastructure error.");
+    Console.WriteLine($"No binding existed. Need to self-sign it and bind to '{httpsIpPort}'");
+    if (!NetShWrapper.TrySelfSignCertificate(httpsIpPort, out originalCertThumbprint))
+    {
+        throw new ApplicationException($"Failed to setup ssl binding for '{httpsIpPort}'. Please unblock the VM.");
+    }
+    NetShWrapper.SetCertBinding(httpsIpPort, originalCertThumbprint);
 }
 
 #pragma warning disable CA1416 // Can be launched only on Windows (HttpSys)