Ensure SSL_CERT_DIR messages are always shown and check for existing value #64970
Conversation
github-actions
bot
added
the
area-commandlinetools
DamianEdwards
requested review from
BrennanConroy,
adityamandaleeka and
halter73
|
This PR and #64966 are both updating log messages; I'll need to update log IDs after one of the PRs merge. |
There was a problem hiding this comment.
Pull request overview
This PR enhances the dev-certs tool's logging behavior on Unix systems by ensuring SSL_CERT_DIR-related messages are always shown (even without --verbose), and adds intelligent handling of existing SSL_CERT_DIR environment variable values. The changes provide better user guidance by checking whether the certificate directory is already configured, and if not, providing context-specific instructions for setting or appending to the environment variable.
Key Changes:
- Modified event listener setup to always capture critical events (including LogAlways level) without requiring
--verboseflag - Added logic to detect and handle existing SSL_CERT_DIR environment variable values
- Created new log events for different SSL_CERT_DIR configuration scenarios
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/Tools/dotnet-dev-certs/src/Program.cs | Modified event listener initialization to ensure non-verbose mode still captures critical/LogAlways events |
| src/Shared/CertificateGeneration/UnixCertificateManager.cs | Added logic to check existing SSL_CERT_DIR value and provide appropriate instructions based on whether the certificate directory is already included |
| src/Shared/CertificateGeneration/CertificateManager.cs | Added new event methods for different SSL_CERT_DIR scenarios and updated existing event message formatting |
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
|
/backport to release/10.0 |
|
Started backporting to |
Ensure SSL_CERT_DIR messages are always shown and check for existing value
Improved logging for SSL_CERT_DIR related messages on Unix
Description
Ensures
EventLevel.LogAlwaysmessages are shown for thedev-certstool even when--verboseisn't specified to provide more visibility into setting theSSL_CERT_DIRenvironment variable on Linux. Checks to see if the environment variable is already set and, if so, provides specialized instructions on how to update. If the environment variable is already set and includes the dev cert trust path, we won't prompt. If it's set, but doesn't include the path, we instruct them to append instead of replace the value of the environment variable.