Skip to content

Enforce SSL policy errors in custom certificate validation callback#4

Closed
Copilot wants to merge 2 commits into
developfrom
copilot/sub-pr-1-another-one
Closed

Enforce SSL policy errors in custom certificate validation callback#4
Copilot wants to merge 2 commits into
developfrom
copilot/sub-pr-1-another-one

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 14, 2026
edited
Loading

The ServerCertificateCustomValidationCallback in DockerMessageHandler discarded the sslPolicyErrors argument entirely, silently accepting connections with hostname mismatches or unavailable certificates as long as the chain built.

Changes

  • DockerMessageHandler.cs: Capture sslPolicyErrors and reject the connection if any flag other than RemoteCertificateChainErrors is set. RemoteCertificateChainErrors is the only expected error when using a custom trust store and is already handled by chain.Build().
ServerCertificateCustomValidationCallback = (_, serverCert, chain, sslPolicyErrors) =>
{
    if (serverCert is null || chain is null || (sslPolicyErrors & ~SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None)
    {
        return false;
    }

    chain.ChainPolicy.CustomTrustStore.Add(_caCert);
    chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
    return chain.Build(serverCert);
};

This ensures RemoteCertificateNameMismatch and RemoteCertificateNotAvailable are rejected outright rather than bypassed by a successful chain build.

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

Copilot AI mentioned this pull request Mar 14, 2026
Merged
@henrikhimself
Fix SSL policy error handling in DockerMessageHandler
23a8a98 
Co-authored-by: henrikhimself <1175002+henrikhimself@users.noreply.github.com>
Copilot AI changed the title [WIP] [WIP] Address feedback from review on Aspire Remote Containers beta 1 Enforce SSL policy errors in custom certificate validation callback Mar 14, 2026
Copilot AI requested a review from henrikhimself March 14, 2026 07:27
@henrikhimself henrikhimself marked this pull request as ready for review March 14, 2026 07:35
Copilot AI review requested due to automatic review settings March 14, 2026 07:35
Copilot AI reviewed Mar 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Tightens TLS security for Docker connections by ensuring the ServerCertificateCustomValidationCallback respects sslPolicyErrors, preventing acceptance of connections with hostname mismatches or missing certificates even if the chain build succeeds.

Changes:

  • Add SslPolicyErrors evaluation in ServerCertificateCustomValidationCallback.
  • Reject certificates when any SSL policy error other than RemoteCertificateChainErrors is present.
  • Keep custom trust store / CustomRootTrust chain validation behavior for the expected chain error scenario.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

Comment thread src/RemoteContainers.Aspire/Docker/DockerMessageHandler.cs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@henrikhimself henrikhimself henrikhimself approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@henrikhimself henrikhimself

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@henrikhimself