Rename option name and add a test

benjaminpetit · benjaminpetit · commit a859ba3b7be5 · 2025-04-15T18:44:03.000+02:00
diff --git a/src/Shared/CertificateGeneration/CertificateManager.cs b/src/Shared/CertificateGeneration/CertificateManager.cs
@@ -55,14 +55,28 @@ public int AspNetHttpsCertificateVersion
     {
         get;
         // For testing purposes only
-        internal set;
+        internal set
+        {
+            ArgumentOutOfRangeException.ThrowIfLessThan(
+                value,
+                MinimumAspNetHttpsCertificateVersion,
+                $"{nameof(AspNetHttpsCertificateVersion)} cannot be lesser than {nameof(MinimumAspNetHttpsCertificateVersion)}");
+            field = value;
+        }
     }
 
     public int MinimumAspNetHttpsCertificateVersion
     {
         get;
         // For testing purposes only
-        internal set;
+        internal set
+        {
+            ArgumentOutOfRangeException.ThrowIfGreaterThan(
+                value,
+                AspNetHttpsCertificateVersion,
+                $"{nameof(MinimumAspNetHttpsCertificateVersion)} cannot be greater than {nameof(AspNetHttpsCertificateVersion)}");
+            field = value;
+        }
     }
 
     public string Subject { get; }
diff --git a/src/Tools/FirstRunCertGenerator/test/CertificateManagerTests.cs b/src/Tools/FirstRunCertGenerator/test/CertificateManagerTests.cs
@@ -387,6 +387,7 @@ public void EnsureCreateHttpsCertificate_ReturnsExpiredCertificateIfVersionIsInc
         Output.WriteLine(creation.ToString());
         ListCertificates();
 
+        _manager.AspNetHttpsCertificateVersion = 2;
         _manager.MinimumAspNetHttpsCertificateVersion = 2;
 
         var httpsCertificateList = _manager.ListCertificates(StoreName.My, StoreLocation.CurrentUser, isValid: true);
@@ -400,17 +401,39 @@ public void EnsureCreateHttpsCertificate_ReturnsExpiredCertificateForEmptyVersio
 
         var now = DateTimeOffset.UtcNow;
         now = new DateTimeOffset(now.Year, now.Month, now.Day, now.Hour, now.Minute, now.Second, 0, now.Offset);
+        _manager.MinimumAspNetHttpsCertificateVersion = 0;
         _manager.AspNetHttpsCertificateVersion = 0;
         var creation = _manager.EnsureAspNetCoreHttpsDevelopmentCertificate(now, now.AddYears(1), path: null, trust: false, isInteractive: false);
         Output.WriteLine(creation.ToString());
         ListCertificates();
 
         _manager.AspNetHttpsCertificateVersion = 1;
+        _manager.MinimumAspNetHttpsCertificateVersion = 1;
 
         var httpsCertificateList = _manager.ListCertificates(StoreName.My, StoreLocation.CurrentUser, isValid: true);
         Assert.Empty(httpsCertificateList);
     }
 
+    [Fact]
+    public void EnsureCreateHttpsCertificate_DoNotOverrideValidOldCertificate()
+    {
+        _fixture.CleanupCertificates();
+
+        var now = DateTimeOffset.UtcNow;
+        now = new DateTimeOffset(now.Year, now.Month, now.Day, now.Hour, now.Minute, now.Second, 0, now.Offset);
+        var creation = _manager.EnsureAspNetCoreHttpsDevelopmentCertificate(now, now.AddYears(1), path: null, trust: false, isInteractive: false);
+        Output.WriteLine(creation.ToString());
+        ListCertificates();
+
+        // Simulate a tool with the same min version as the already existing cert but with a more
+        // recent generation version
+        _manager.MinimumAspNetHttpsCertificateVersion = 1;
+        _manager.AspNetHttpsCertificateVersion = 2;
+        var alreadyExist = _manager.EnsureAspNetCoreHttpsDevelopmentCertificate(now, now.AddYears(1), path: null, trust: false, isInteractive: false);
+        Output.WriteLine(alreadyExist.ToString());
+        Assert.Equal(EnsureCertificateResult.ValidCertificatePresent, alreadyExist);
+    }
+
     [ConditionalFact]
     [SkipOnHelix("https://github.com/dotnet/aspnetcore/issues/6720", Queues = "All.OSX")]
     public void EnsureCreateHttpsCertificate_ReturnsValidIfVersionIsZero()
@@ -441,7 +464,7 @@ public void EnsureCreateHttpsCertificate_ReturnValidIfCertIsNewer()
         Output.WriteLine(creation.ToString());
         ListCertificates();
 
-        _manager.AspNetHttpsCertificateVersion = 1;
+        _manager.MinimumAspNetHttpsCertificateVersion = 1;
         var httpsCertificateList = _manager.ListCertificates(StoreName.My, StoreLocation.CurrentUser, isValid: true);
         Assert.NotEmpty(httpsCertificateList);
     }
@@ -533,8 +556,8 @@ public CertFixture()
 
     internal void CleanupCertificates()
     {
-        Manager.AspNetHttpsCertificateVersion = 1;
         Manager.MinimumAspNetHttpsCertificateVersion = 1;
+        Manager.AspNetHttpsCertificateVersion = 1;
         Manager.RemoveAllCertificates(StoreName.My, StoreLocation.CurrentUser);
         if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows) || RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
         {
diff --git a/src/Tools/dotnet-dev-certs/src/Program.cs b/src/Tools/dotnet-dev-certs/src/Program.cs
@@ -114,7 +114,7 @@ public static int Main(string[] args)
                     "Display warnings and errors only.",
                     CommandOptionType.NoValue);
 
-                var checkJsonOutput = c.Option("--check-json-output",
+                var checkJsonOutput = c.Option("--check-trust-machine-readable",
                     "Same as running --check --trust, but output the results in json.",
                     CommandOptionType.NoValue);
 
