From 61c8103bda5aeb4d8fecdd66a144ed23ef6db42f Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Thu, 23 Mar 2023 18:05:24 +0200
Subject: [PATCH 01/38] TestRedisCloudConnection

---
 .../Examples/ExamplesTests.cs                 | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 5e69078b..a9972a19 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -1,3 +1,5 @@
+using System.Diagnostics;
+using System.Security.Cryptography.X509Certificates;
 using Moq;
 using NRedisStack.DataTypes;
 using NRedisStack.RedisStackCommands;
@@ -282,4 +284,40 @@ public void TestJsonConvert()
 
         Assert.Equal(10, docs.Count());
     }
+
+    [Fact]
+    public void TestRedisCloudConnection()
+    {
+        // Create configuration options from Redis URL
+        var options = new ConfigurationOptions()
+        {
+            User = Environment.GetEnvironmentVariable("USER"),
+            Password = Environment.GetEnvironmentVariable("PASSWORD"),
+        };
+
+        options.EndPoints.Add(Environment.GetEnvironmentVariable("ENDPOINT")!);
+
+        // Connect to Redis instance
+        using var connection = ConnectionMultiplexer.Connect(options);
+
+        // Get database
+        var db = connection.GetDatabase();
+
+        // Set key-value pair
+        var key = "mykey";
+        var value = "myvalue";
+        var setResult = db.StringSet(key, value);
+
+        // Assert that the set operation succeeded
+        Assert.True(setResult);
+
+        // Get value for key
+        var getValue = db.StringGet(key);
+
+        // Assert that the retrieved value matches the original value
+        Assert.Equal(value, getValue);
+
+        // Delete
+        db.KeyDelete(key);
+    }
 }
\ No newline at end of file

From b1619017d7ee7e26e890ddcb97f8931376409d8c Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 27 Mar 2023 14:16:58 +0300
Subject: [PATCH 02/38] using .env for the enviroment vars

---
 .gitignore                                        |  4 +++-
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 15 ++++++++++++---
 tests/NRedisStack.Tests/NRedisStack.Tests.csproj  |  1 +
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/.gitignore b/.gitignore
index 25913044..a1f5ccda 100644
--- a/.gitignore
+++ b/.gitignore
@@ -399,4 +399,6 @@ FodyWeavers.xsd
 .idea
 tests/NRedisStack.Tests/lcov.net7.0.info
 tests/NRedisStack.Tests/lcov.net6.0.info
-tests/NRedisStack.Tests/lcov.info
\ No newline at end of file
+tests/NRedisStack.Tests/lcov.info
+tests/NRedisStack.Tests/DotEnv.cs
+tests/NRedisStack.Tests/.env
diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index a9972a19..696489da 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -288,14 +288,23 @@ public void TestJsonConvert()
     [Fact]
     public void TestRedisCloudConnection()
     {
+        var root = Directory.GetCurrentDirectory();
+        var dotenv = Path.Combine(root, "..", "..", "..", ".env");
+        DotEnv.Load(dotenv);
+
+        var userName = Environment.GetEnvironmentVariable("USER_NAME");
+        var password = Environment.GetEnvironmentVariable("PASSWORD");
+        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT environment variable is not set.");
+        var all = Environment.GetEnvironmentVariables();
+
         // Create configuration options from Redis URL
         var options = new ConfigurationOptions()
         {
-            User = Environment.GetEnvironmentVariable("USER"),
-            Password = Environment.GetEnvironmentVariable("PASSWORD"),
+            User = userName,
+            Password = password,
         };
 
-        options.EndPoints.Add(Environment.GetEnvironmentVariable("ENDPOINT")!);
+        options.EndPoints.Add(endpoint);
 
         // Connect to Redis instance
         using var connection = ConnectionMultiplexer.Connect(options);
diff --git a/tests/NRedisStack.Tests/NRedisStack.Tests.csproj b/tests/NRedisStack.Tests/NRedisStack.Tests.csproj
index 55871bf7..e34c4ec2 100644
--- a/tests/NRedisStack.Tests/NRedisStack.Tests.csproj
+++ b/tests/NRedisStack.Tests/NRedisStack.Tests.csproj
@@ -19,6 +19,7 @@
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
+    <PackageReference Include="dotenv.net" Version="3.1.2" />
     <PackageReference Include="Moq" Version="4.18.1" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.11.0" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3" />

From eb6747eb78a42884335018778a48705e9dee7fee Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 27 Mar 2023 14:22:17 +0300
Subject: [PATCH 03/38] DotEnv class

---
 .gitignore                        |  1 -
 tests/NRedisStack.Tests/DotEnv.cs | 26 ++++++++++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 tests/NRedisStack.Tests/DotEnv.cs

diff --git a/.gitignore b/.gitignore
index a1f5ccda..a5be34f6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -400,5 +400,4 @@ FodyWeavers.xsd
 tests/NRedisStack.Tests/lcov.net7.0.info
 tests/NRedisStack.Tests/lcov.net6.0.info
 tests/NRedisStack.Tests/lcov.info
-tests/NRedisStack.Tests/DotEnv.cs
 tests/NRedisStack.Tests/.env
diff --git a/tests/NRedisStack.Tests/DotEnv.cs b/tests/NRedisStack.Tests/DotEnv.cs
new file mode 100644
index 00000000..144e7de9
--- /dev/null
+++ b/tests/NRedisStack.Tests/DotEnv.cs
@@ -0,0 +1,26 @@
+namespace NRedisStack.Tests
+{
+    using System;
+    using System.IO;
+
+    public static class DotEnv
+    {
+        public static void Load(string filePath)
+        {
+            if (!File.Exists(filePath))
+                return;
+
+            foreach (var line in File.ReadAllLines(filePath))
+            {
+                var parts = line.Split(
+                    '=',
+                    StringSplitOptions.RemoveEmptyEntries);
+
+                if (parts.Length != 2)
+                    continue;
+
+                Environment.SetEnvironmentVariable(parts[0], parts[1]);
+            }
+        }
+    }
+}
\ No newline at end of file

From 955efac2dc0042969be4c6d4e2034ae01b571d9b Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 27 Mar 2023 14:33:39 +0300
Subject: [PATCH 04/38] delete 'all' var

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 696489da..7b3f33e5 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -295,7 +295,6 @@ public void TestRedisCloudConnection()
         var userName = Environment.GetEnvironmentVariable("USER_NAME");
         var password = Environment.GetEnvironmentVariable("PASSWORD");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT environment variable is not set.");
-        var all = Environment.GetEnvironmentVariables();
 
         // Create configuration options from Redis URL
         var options = new ConfigurationOptions()

From 742f2384b0aca2fcfdeb1c3f5c1471440702d01e Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 27 Mar 2023 16:06:44 +0300
Subject: [PATCH 05/38] add env vars to yml

---
 .github/workflows/integration.yml                 | 12 +++++++++++-
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs |  8 +++-----
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index a3e3b094..3743c5c4 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -18,6 +18,11 @@ jobs:
   build_and_Test:
     name: Build and test
     runs-on: ubuntu-latest
+    environment: REDIS_USER
+    env:
+      ENDPOINT: ${{ secrets.ENDPOINT }}
+      USER_NAME: ${{ secrets.USER_NAME }}
+      PASSWORD: ${{ secrets.PASSWORD }}
     steps:
       - uses: actions/checkout@v3
       - name: .NET Core 6
@@ -48,6 +53,11 @@ jobs:
   build_and_test_windows:
     name: Build and Test on Windows
     runs-on: windows-latest
+    environment: REDIS_USER
+    env:
+      USER_NAME: ${{ secrets.USER_NAME }}
+      PASSWORD: ${{ secrets.PASSWORD }}
+      ENDPOINT: ${{ secrets.ENDPOINT }}
     steps:
       - uses: actions/checkout@v3
       - uses: Vampire/setup-wsl@v2
@@ -59,7 +69,7 @@ jobs:
           sudo apt-get update
           sudo apt-get install curl -y && sudo apt-get install gpg -y && apt-get install lsb-release -y && apt-get install libgomp1 -y
           curl https://packages.redis.io/redis-stack/redis-stack-server-${{env.redis_stack_version}}.jammy.x86_64.tar.gz -o redis-stack.tar.gz
-          tar xf redis-stack.tar.gz      
+          tar xf redis-stack.tar.gz
       - name: Restore dependencies
         run: dotnet restore
       - name: Build
diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 7b3f33e5..2a1253ef 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -1,5 +1,3 @@
-using System.Diagnostics;
-using System.Security.Cryptography.X509Certificates;
 using Moq;
 using NRedisStack.DataTypes;
 using NRedisStack.RedisStackCommands;
@@ -292,9 +290,9 @@ public void TestRedisCloudConnection()
         var dotenv = Path.Combine(root, "..", "..", "..", ".env");
         DotEnv.Load(dotenv);
 
-        var userName = Environment.GetEnvironmentVariable("USER_NAME");
-        var password = Environment.GetEnvironmentVariable("PASSWORD");
-        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT environment variable is not set.");
+        var userName = Environment.GetEnvironmentVariable("USER_NAME") ?? throw new Exception("USER_NAME is not set.");
+        var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
+        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
 
         // Create configuration options from Redis URL
         var options = new ConfigurationOptions()

From 4d146275e89573349399dae047e25a6e8c862acc Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 27 Mar 2023 17:26:09 +0300
Subject: [PATCH 06/38] delete DotEnv class

---
 tests/NRedisStack.Tests/DotEnv.cs             | 26 -------------------
 .../Examples/ExamplesTests.cs                 |  6 ++---
 2 files changed, 3 insertions(+), 29 deletions(-)
 delete mode 100644 tests/NRedisStack.Tests/DotEnv.cs

diff --git a/tests/NRedisStack.Tests/DotEnv.cs b/tests/NRedisStack.Tests/DotEnv.cs
deleted file mode 100644
index 144e7de9..00000000
--- a/tests/NRedisStack.Tests/DotEnv.cs
+++ /dev/null
@@ -1,26 +0,0 @@
-namespace NRedisStack.Tests
-{
-    using System;
-    using System.IO;
-
-    public static class DotEnv
-    {
-        public static void Load(string filePath)
-        {
-            if (!File.Exists(filePath))
-                return;
-
-            foreach (var line in File.ReadAllLines(filePath))
-            {
-                var parts = line.Split(
-                    '=',
-                    StringSplitOptions.RemoveEmptyEntries);
-
-                if (parts.Length != 2)
-                    continue;
-
-                Environment.SetEnvironmentVariable(parts[0], parts[1]);
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 2a1253ef..1283f1a2 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -286,9 +286,9 @@ public void TestJsonConvert()
     [Fact]
     public void TestRedisCloudConnection()
     {
-        var root = Directory.GetCurrentDirectory();
-        var dotenv = Path.Combine(root, "..", "..", "..", ".env");
-        DotEnv.Load(dotenv);
+        // var root = Directory.GetCurrentDirectory();
+        // var dotenv = Path.Combine(root, "..", "..", "..", ".env");
+        // DotEnv.Load(dotenv);
 
         var userName = Environment.GetEnvironmentVariable("USER_NAME") ?? throw new Exception("USER_NAME is not set.");
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");

From 7228065c0c6900ee036e77bd5c8b84e041063eff Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 29 Mar 2023 12:57:37 +0300
Subject: [PATCH 07/38] test TLS Connecting in .NET Core

---
 .../Examples/ExamplesTests.cs                  | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 1283f1a2..fd581cf4 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -1,3 +1,5 @@
+using System.Net.Security;
+using System.Security.Authentication;
 using Moq;
 using NRedisStack.DataTypes;
 using NRedisStack.RedisStackCommands;
@@ -282,14 +284,10 @@ public void TestJsonConvert()
 
         Assert.Equal(10, docs.Count());
     }
-
+#if NETCOREAPP3_1_OR_GREATER
     [Fact]
-    public void TestRedisCloudConnection()
+    public void TestRedisCloudConnection_DotnetCore3()
     {
-        // var root = Directory.GetCurrentDirectory();
-        // var dotenv = Path.Combine(root, "..", "..", "..", ".env");
-        // DotEnv.Load(dotenv);
-
         var userName = Environment.GetEnvironmentVariable("USER_NAME") ?? throw new Exception("USER_NAME is not set.");
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
@@ -299,9 +297,14 @@ public void TestRedisCloudConnection()
         {
             User = userName,
             Password = password,
+            Ssl = true,
         };
+        options.SslClientAuthenticationOptions = new Func<string, SslClientAuthenticationOptions>(
+                                                     hostName => new SslClientAuthenticationOptions
+                                                     {
+                                                         EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Tls13
+                                                     });
 
-        options.EndPoints.Add(endpoint);
 
         // Connect to Redis instance
         using var connection = ConnectionMultiplexer.Connect(options);
@@ -326,4 +329,5 @@ public void TestRedisCloudConnection()
         // Delete
         db.KeyDelete(key);
     }
+#endif
 }
\ No newline at end of file

From e6d4601fef8928bdda1d3f705a0b2e133458f8ca Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Sun, 2 Apr 2023 16:11:48 +0300
Subject: [PATCH 08/38] add to gitignor

---
 .gitignore | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.gitignore b/.gitignore
index a5be34f6..67c1878c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -401,3 +401,6 @@ tests/NRedisStack.Tests/lcov.net7.0.info
 tests/NRedisStack.Tests/lcov.net6.0.info
 tests/NRedisStack.Tests/lcov.info
 tests/NRedisStack.Tests/.env
+tests/NRedisStack.Tests/redis_ca.pem
+tests/NRedisStack.Tests/redis_credentials/redis_user_private.key
+tests/NRedisStack.Tests/redis_credentials/redis_user.crt

From 482fae90f5ee0551113c979ccb97fb4e98f4e265 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Tue, 4 Apr 2023 15:36:28 +0300
Subject: [PATCH 09/38] Experiments

---
 .../Examples/ExamplesTests.cs                 | 77 ++++++++++++++-----
 1 file changed, 57 insertions(+), 20 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index fd581cf4..1d3a71df 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -1,5 +1,7 @@
 using System.Net.Security;
 using System.Security.Authentication;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
 using Moq;
 using NRedisStack.DataTypes;
 using NRedisStack.RedisStackCommands;
@@ -286,46 +288,81 @@ public void TestJsonConvert()
     }
 #if NETCOREAPP3_1_OR_GREATER
     [Fact]
-    public void TestRedisCloudConnection_DotnetCore3()
+    public void TestRedisCloudConnection_DotnetCore3__()
     {
+        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
+        var redis_ca = Path.GetFullPath(Path.Combine(root, "..", "..", "..", "redis_ca.pem"));
+        var redis_user_crt  = Path.GetFullPath(Path.Combine(root, "..", "..", "..", "redis_credentials", "redis_user.crt"));
+        var redis_user_private_key  = Path.GetFullPath(Path.Combine(root, "..", "..", "..", "redis_credentials", "redis_user_private.key"));
+        // var dotenv = Path.Combine(root, "..", "..", "..", ".env");
+        // DotEnv.Load(dotenv);
         var userName = Environment.GetEnvironmentVariable("USER_NAME") ?? throw new Exception("USER_NAME is not set.");
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
 
-        // Create configuration options from Redis URL
-        var options = new ConfigurationOptions()
+        // Load the Redis credentials
+        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redis_user_crt));
+        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redis_ca));
+        var redisUserPrivateKey = new X509Certificate2(File.ReadAllBytes(redis_user_private_key));
+        var redisUserPrivateKeyText = File.ReadAllText(redis_user_private_key);
+
+        var rsa = RSA.Create();
+        rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
+        var test = redisUserCertificate.CopyWithPrivateKey(rsa);
+
+        // byte[] privateKeyBytes = File.ReadAllBytes("privateKey.pem");
+        // RSA privateKey = RSA.Create();
+        // privateKey.ImportPkcs8PrivateKey(privateKeyBytes, out _);
+
+        redisUserCertificate.PrivateKey = rsa;
+
+        // var redisUserPrivateKey = new X509Certificate2(rsa.Export);
+        // var redisUserPrivateKey = new X509Certificate2(Encoding.UTF8.GetString(File.ReadAllBytes(redis_user_private_key)));
+        // var redisUserCertificate = new X509Certificate2(redis_user_crt);
+        // var redisCaCertificate = new X509Certificate2(redis_ca);
+        // var redisUserPrivateKey = new X509Certificate2(redis_user_private_key, password);
+        // Create SSL options for Redis connection
+        var sslOptions = new SslClientAuthenticationOptions
+        {
+            CertificateRevocationCheckMode = X509RevocationMode.NoCheck,
+
+            ClientCertificates = new X509CertificateCollection { redisUserCertificate },
+            EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls,
+            RemoteCertificateValidationCallback = (sender, certificate, chain, errors) =>
+            {
+                if (errors == SslPolicyErrors.None)
+                    return true;
+                // Implement your own certificate validation logic here
+                // Return false if the certificate is not trusted
+                return false;
+            },
+            TargetHost = endpoint
+        };
+        // Connect to Redis Cloud
+        var redisConfiguration = new ConfigurationOptions
         {
             User = userName,
-            Password = password,
+            EndPoints = { endpoint },
             Ssl = true,
+            SslProtocols = sslOptions.EnabledSslProtocols,
+            SslHost = sslOptions.TargetHost,
+            SslClientAuthenticationOptions = host => sslOptions,
+            Password = password,
+            AllowAdmin = true
         };
-        options.SslClientAuthenticationOptions = new Func<string, SslClientAuthenticationOptions>(
-                                                     hostName => new SslClientAuthenticationOptions
-                                                     {
-                                                         EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Tls13
-                                                     });
-
-
-        // Connect to Redis instance
-        using var connection = ConnectionMultiplexer.Connect(options);
-
+        var redis = ConnectionMultiplexer.Connect(redisConfiguration);
         // Get database
-        var db = connection.GetDatabase();
-
+        var db = redis.GetDatabase();
         // Set key-value pair
         var key = "mykey";
         var value = "myvalue";
         var setResult = db.StringSet(key, value);
-
         // Assert that the set operation succeeded
         Assert.True(setResult);
-
         // Get value for key
         var getValue = db.StringGet(key);
-
         // Assert that the retrieved value matches the original value
         Assert.Equal(value, getValue);
-
         // Delete
         db.KeyDelete(key);
     }

From 24a9df4e09cb78336b304e7658faf6c2ce02a633 Mon Sep 17 00:00:00 2001
From: slorello89 <steve.lorello@redis.com>
Date: Tue, 4 Apr 2023 15:28:38 -0400
Subject: [PATCH 10/38] adding client cert parsing + root CA validation

---
 .../Examples/ExamplesTests.cs                 | 165 +++++++++++++-----
 1 file changed, 117 insertions(+), 48 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 1d3a71df..ec0599cd 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -286,85 +286,154 @@ public void TestJsonConvert()
 
         Assert.Equal(10, docs.Count());
     }
-#if NETCOREAPP3_1_OR_GREATER
+
     [Fact]
-    public void TestRedisCloudConnection_DotnetCore3__()
+    public void TestRedisCloudConnection()
     {
         var root = Path.GetFullPath(Directory.GetCurrentDirectory());
-        var redis_ca = Path.GetFullPath(Path.Combine(root, "..", "..", "..", "redis_ca.pem"));
-        var redis_user_crt  = Path.GetFullPath(Path.Combine(root, "..", "..", "..", "redis_credentials", "redis_user.crt"));
-        var redis_user_private_key  = Path.GetFullPath(Path.Combine(root, "..", "..", "..", "redis_credentials", "redis_user_private.key"));
-        // var dotenv = Path.Combine(root, "..", "..", "..", ".env");
-        // DotEnv.Load(dotenv);
-        var userName = Environment.GetEnvironmentVariable("USER_NAME") ?? throw new Exception("USER_NAME is not set.");
+        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
+        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
+        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
+        
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
 
         // Load the Redis credentials
-        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redis_user_crt));
-        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redis_ca));
-        var redisUserPrivateKey = new X509Certificate2(File.ReadAllBytes(redis_user_private_key));
-        var redisUserPrivateKeyText = File.ReadAllText(redis_user_private_key);
-
+        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
+        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
+        
         var rsa = RSA.Create();
+        
+        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+
+        rsa.ImportRSAPrivateKey(binaryEncoding, out _);
+        redisUserCertificate.CopyWithPrivateKey(rsa);
         rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
-        var test = redisUserCertificate.CopyWithPrivateKey(rsa);
+        var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
+       
+        // Connect to Redis Cloud
+        var redisConfiguration = new ConfigurationOptions
+        {
+            EndPoints = { endpoint },
+            Ssl = true,
+            Password = password
+        };
+
+        redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert; 
+        
+        redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
+        {
+            if (errors == SslPolicyErrors.None)
+            {
+                return true;
+            }
 
-        // byte[] privateKeyBytes = File.ReadAllBytes("privateKey.pem");
-        // RSA privateKey = RSA.Create();
-        // privateKey.ImportPkcs8PrivateKey(privateKeyBytes, out _);
+            var privateChain = new X509Chain();
+            privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
+            X509Certificate2 cert2 = new X509Certificate2(cert!);
+            privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
+            privateChain.Build(cert2);
 
-        redisUserCertificate.PrivateKey = rsa;
+            bool isValid = true;
 
-        // var redisUserPrivateKey = new X509Certificate2(rsa.Export);
-        // var redisUserPrivateKey = new X509Certificate2(Encoding.UTF8.GetString(File.ReadAllBytes(redis_user_private_key)));
-        // var redisUserCertificate = new X509Certificate2(redis_user_crt);
-        // var redisCaCertificate = new X509Certificate2(redis_ca);
-        // var redisUserPrivateKey = new X509Certificate2(redis_user_private_key, password);
-        // Create SSL options for Redis connection
+            // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
+            // matches our certificate, we know it's ok
+            foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x =>
+                         x.Status != X509ChainStatusFlags.UntrustedRoot))
+            {
+                if (chainStatus.Status != X509ChainStatusFlags.NoError)
+                {
+                    isValid = false;
+                    break;
+                }
+            }
+
+            return isValid;
+        };
+
+        
+        var redis = ConnectionMultiplexer.Connect(redisConfiguration);
+        var db = redis.GetDatabase();
+        db.Ping();
+    }
+
+#if NETCOREAPP3_1_OR_GREATER
+    [Fact]
+    public void TestRedisCloudConnection_DotnetCore3__()
+    {
+        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
+        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
+        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
+        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
+        
+        var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
+        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
+
+        // Load the Redis credentials
+        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
+        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
+        
+        var rsa = RSA.Create();
+        
+        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+
+        rsa.ImportRSAPrivateKey(binaryEncoding, out _);
+        redisUserCertificate.CopyWithPrivateKey(rsa);
+        rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
+        var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
+       
         var sslOptions = new SslClientAuthenticationOptions
         {
             CertificateRevocationCheckMode = X509RevocationMode.NoCheck,
-
-            ClientCertificates = new X509CertificateCollection { redisUserCertificate },
-            EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls,
-            RemoteCertificateValidationCallback = (sender, certificate, chain, errors) =>
+            LocalCertificateSelectionCallback = (_, _, _, _, _) => clientCert,
+            RemoteCertificateValidationCallback = (_, cert, _, errors) =>
             {
                 if (errors == SslPolicyErrors.None)
+                {
                     return true;
-                // Implement your own certificate validation logic here
-                // Return false if the certificate is not trusted
-                return false;
+                }
+
+                var privateChain = new X509Chain();
+                privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
+                X509Certificate2 cert2 = new X509Certificate2(cert!);
+                privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
+                privateChain.Build(cert2);
+                
+                bool isValid = true;
+
+                // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
+                // matches our certificate, we know it's ok
+                foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x=>x.Status != X509ChainStatusFlags.UntrustedRoot))
+                {
+                    if (chainStatus.Status != X509ChainStatusFlags.NoError)
+                    {
+                        isValid = false;
+                        break;
+                    }
+                }
+
+                return isValid;
             },
             TargetHost = endpoint
         };
         // Connect to Redis Cloud
         var redisConfiguration = new ConfigurationOptions
         {
-            User = userName,
             EndPoints = { endpoint },
             Ssl = true,
-            SslProtocols = sslOptions.EnabledSslProtocols,
             SslHost = sslOptions.TargetHost,
             SslClientAuthenticationOptions = host => sslOptions,
-            Password = password,
-            AllowAdmin = true
+            Password = password
         };
+
+        
         var redis = ConnectionMultiplexer.Connect(redisConfiguration);
-        // Get database
         var db = redis.GetDatabase();
-        // Set key-value pair
-        var key = "mykey";
-        var value = "myvalue";
-        var setResult = db.StringSet(key, value);
-        // Assert that the set operation succeeded
-        Assert.True(setResult);
-        // Get value for key
-        var getValue = db.StringGet(key);
-        // Assert that the retrieved value matches the original value
-        Assert.Equal(value, getValue);
-        // Delete
-        db.KeyDelete(key);
+        db.Ping();
     }
 #endif
 }
\ No newline at end of file

From ba36fad55f27dc05e84c73ad217be88dfe3761ad Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 14:07:45 +0300
Subject: [PATCH 11/38] using env vars

---
 .../Examples/ExamplesTests.cs                 | 168 +++++++++---------
 1 file changed, 82 insertions(+), 86 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index ec0599cd..79d99c44 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -287,105 +287,101 @@ public void TestJsonConvert()
         Assert.Equal(10, docs.Count());
     }
 
-    [Fact]
-    public void TestRedisCloudConnection()
-    {
-        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
-        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
-        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
-        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
-        
-        var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
-        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
-
-        // Load the Redis credentials
-        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
-        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
-        
-        var rsa = RSA.Create();
-        
-        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
-        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
-
-        rsa.ImportRSAPrivateKey(binaryEncoding, out _);
-        redisUserCertificate.CopyWithPrivateKey(rsa);
-        rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
-        var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
-       
-        // Connect to Redis Cloud
-        var redisConfiguration = new ConfigurationOptions
-        {
-            EndPoints = { endpoint },
-            Ssl = true,
-            Password = password
-        };
-
-        redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert; 
-        
-        redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
-        {
-            if (errors == SslPolicyErrors.None)
-            {
-                return true;
-            }
-
-            var privateChain = new X509Chain();
-            privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
-            X509Certificate2 cert2 = new X509Certificate2(cert!);
-            privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
-            privateChain.Build(cert2);
-
-            bool isValid = true;
-
-            // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
-            // matches our certificate, we know it's ok
-            foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x =>
-                         x.Status != X509ChainStatusFlags.UntrustedRoot))
-            {
-                if (chainStatus.Status != X509ChainStatusFlags.NoError)
-                {
-                    isValid = false;
-                    break;
-                }
-            }
-
-            return isValid;
-        };
-
-        
-        var redis = ConnectionMultiplexer.Connect(redisConfiguration);
-        var db = redis.GetDatabase();
-        db.Ping();
-    }
+    // [Fact]
+    // public void TestRedisCloudConnection()
+    // {
+    //     var root = Path.GetFullPath(Directory.GetCurrentDirectory());
+    //     var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
+    //     var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
+    //     var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
+
+    //     var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
+    //     var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
+
+    //     // Load the Redis credentials
+    //     var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
+    //     var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
+
+    //     var rsa = RSA.Create();
+
+    //     var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+    //     var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+    //     var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+
+    //     rsa.ImportRSAPrivateKey(binaryEncoding, out _);
+    //     redisUserCertificate.CopyWithPrivateKey(rsa);
+    //     rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
+    //     var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
+
+    //     // Connect to Redis Cloud
+    //     var redisConfiguration = new ConfigurationOptions
+    //     {
+    //         EndPoints = { endpoint },
+    //         Ssl = true,
+    //         Password = password
+    //     };
+
+    //     redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert;
+
+    //     redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
+    //     {
+    //         if (errors == SslPolicyErrors.None)
+    //         {
+    //             return true;
+    //         }
+
+    //         var privateChain = new X509Chain();
+    //         privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
+    //         X509Certificate2 cert2 = new X509Certificate2(cert!);
+    //         privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
+    //         privateChain.Build(cert2);
+
+    //         bool isValid = true;
+
+    //         // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
+    //         // matches our certificate, we know it's ok
+    //         foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x =>
+    //                      x.Status != X509ChainStatusFlags.UntrustedRoot))
+    //         {
+    //             if (chainStatus.Status != X509ChainStatusFlags.NoError)
+    //             {
+    //                 isValid = false;
+    //                 break;
+    //             }
+    //         }
+
+    //         return isValid;
+    //     };
+
+
+    //     var redis = ConnectionMultiplexer.Connect(redisConfiguration);
+    //     var db = redis.GetDatabase();
+    //     db.Ping();
+    // }
 
 #if NETCOREAPP3_1_OR_GREATER
     [Fact]
     public void TestRedisCloudConnection_DotnetCore3__()
     {
-        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
-        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
-        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
-        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
-        
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
+        var redisCa = Environment.GetEnvironmentVariable("REDIS_CA_PEM") ?? throw new Exception("REDIS_CA is not set.");
+        var redisUserCrt = Environment.GetEnvironmentVariable("REDIS_USER_CRT") ?? throw new Exception("REDIS_USER_CRT is not set.");
+        var redisUserPrivateKey = Environment.GetEnvironmentVariable("REDIS_USER_PRIVATE_KEY") ?? throw new Exception("REDIS_USER_PRIVATE_KEY is not set.");
 
         // Load the Redis credentials
-        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
-        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
-        
+        var redisUserCertificate = new X509Certificate2(Convert.FromBase64String(redisUserCrt));
+        var redisCaCertificate = new X509Certificate2(Convert.FromBase64String(redisCa));
+
         var rsa = RSA.Create();
-        
-        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+        var pemFileData = redisUserPrivateKey.Split('\n').Where(x => !x.StartsWith("-"));
         var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
 
         rsa.ImportRSAPrivateKey(binaryEncoding, out _);
         redisUserCertificate.CopyWithPrivateKey(rsa);
-        rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
+        rsa.ImportFromPem(redisUserPrivateKey.ToCharArray());
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
-       
+
         var sslOptions = new SslClientAuthenticationOptions
         {
             CertificateRevocationCheckMode = X509RevocationMode.NoCheck,
@@ -402,7 +398,7 @@ public void TestRedisCloudConnection_DotnetCore3__()
                 X509Certificate2 cert2 = new X509Certificate2(cert!);
                 privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
                 privateChain.Build(cert2);
-                
+
                 bool isValid = true;
 
                 // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
@@ -430,7 +426,7 @@ public void TestRedisCloudConnection_DotnetCore3__()
             Password = password
         };
 
-        
+
         var redis = ConnectionMultiplexer.Connect(redisConfiguration);
         var db = redis.GetDatabase();
         db.Ping();

From dbd4df9b06204906119ea32fd41d370cf3bb6a90 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 14:14:06 +0300
Subject: [PATCH 12/38] add vars to integration

---
 .github/workflows/integration.yml                 | 8 +++++++-
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 2 +-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 3743c5c4..354a9cef 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -20,9 +20,12 @@ jobs:
     runs-on: ubuntu-latest
     environment: REDIS_USER
     env:
-      ENDPOINT: ${{ secrets.ENDPOINT }}
       USER_NAME: ${{ secrets.USER_NAME }}
       PASSWORD: ${{ secrets.PASSWORD }}
+      ENDPOINT: ${{ secrets.ENDPOINT }}
+      REDIS_CA_PEM: ${{ secrets.REDIS_CA_PEM }}
+      REDIS_USER_CRT: ${{ secrets.REDIS_USER_CRT }}
+      REDIS_USER_PRIVATE_KEY: ${{ secrets.REDIS_USER_PRIVATE_KEY }}
     steps:
       - uses: actions/checkout@v3
       - name: .NET Core 6
@@ -58,6 +61,9 @@ jobs:
       USER_NAME: ${{ secrets.USER_NAME }}
       PASSWORD: ${{ secrets.PASSWORD }}
       ENDPOINT: ${{ secrets.ENDPOINT }}
+      REDIS_CA_PEM: ${{ secrets.REDIS_CA_PEM }}
+      REDIS_USER_CRT: ${{ secrets.REDIS_USER_CRT }}
+      REDIS_USER_PRIVATE_KEY: ${{ secrets.REDIS_USER_PRIVATE_KEY }}
     steps:
       - uses: actions/checkout@v3
       - uses: Vampire/setup-wsl@v2
diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 79d99c44..ce6b8a84 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -365,7 +365,7 @@ public void TestRedisCloudConnection_DotnetCore3__()
     {
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
-        var redisCa = Environment.GetEnvironmentVariable("REDIS_CA_PEM") ?? throw new Exception("REDIS_CA is not set.");
+        var redisCa = Environment.GetEnvironmentVariable("REDIS_CA_PEM") ?? throw new Exception("REDIS_CA_PEM is not set.");
         var redisUserCrt = Environment.GetEnvironmentVariable("REDIS_USER_CRT") ?? throw new Exception("REDIS_USER_CRT is not set.");
         var redisUserPrivateKey = Environment.GetEnvironmentVariable("REDIS_USER_PRIVATE_KEY") ?? throw new Exception("REDIS_USER_PRIVATE_KEY is not set.");
 

From 46d638d52bbcb7c769d081a067a7c45a6a6e5535 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 14:19:16 +0300
Subject: [PATCH 13/38] change to Convert.FromHexString

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index ce6b8a84..e2936e12 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -370,8 +370,8 @@ public void TestRedisCloudConnection_DotnetCore3__()
         var redisUserPrivateKey = Environment.GetEnvironmentVariable("REDIS_USER_PRIVATE_KEY") ?? throw new Exception("REDIS_USER_PRIVATE_KEY is not set.");
 
         // Load the Redis credentials
-        var redisUserCertificate = new X509Certificate2(Convert.FromBase64String(redisUserCrt));
-        var redisCaCertificate = new X509Certificate2(Convert.FromBase64String(redisCa));
+        var redisUserCertificate = new X509Certificate2(Convert.FromHexString(redisUserCrt));
+        var redisCaCertificate = new X509Certificate2(Convert.FromHexString(redisCa));
 
         var rsa = RSA.Create();
         var pemFileData = redisUserPrivateKey.Split('\n').Where(x => !x.StartsWith("-"));

From b600cb6297c3afc33f85f0691fd15d113821b1dc Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 14:57:58 +0300
Subject: [PATCH 14/38] using files

---
 .github/workflows/integration.yml             |  13 +-
 .../Examples/ExamplesTests.cs                 | 165 +++++++++---------
 2 files changed, 93 insertions(+), 85 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 354a9cef..f4e135b5 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -23,9 +23,6 @@ jobs:
       USER_NAME: ${{ secrets.USER_NAME }}
       PASSWORD: ${{ secrets.PASSWORD }}
       ENDPOINT: ${{ secrets.ENDPOINT }}
-      REDIS_CA_PEM: ${{ secrets.REDIS_CA_PEM }}
-      REDIS_USER_CRT: ${{ secrets.REDIS_USER_CRT }}
-      REDIS_USER_PRIVATE_KEY: ${{ secrets.REDIS_USER_PRIVATE_KEY }}
     steps:
       - uses: actions/checkout@v3
       - name: .NET Core 6
@@ -43,7 +40,12 @@ jobs:
       - name: Build
         run: dotnet build --no-restore /p:ContinuousIntegrationBuild=true
       - name: Test
-        run: dotnet test -f net6.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
+        run: |
+          echo ${{secrets.REDIS_CA_PEM}} > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_ca.pem
+          echo ${{secrets.REDIS_USER_CRT}} > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_user.crt
+          echo ${{secrets.REDIS_USER_PRIVATE_KEY}} > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_user_private.key
+          ls -R
+          dotnet test -f net6.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
       - name: Test
         run: dotnet test -f net7.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
       - name: Codecov
@@ -61,9 +63,6 @@ jobs:
       USER_NAME: ${{ secrets.USER_NAME }}
       PASSWORD: ${{ secrets.PASSWORD }}
       ENDPOINT: ${{ secrets.ENDPOINT }}
-      REDIS_CA_PEM: ${{ secrets.REDIS_CA_PEM }}
-      REDIS_USER_CRT: ${{ secrets.REDIS_USER_CRT }}
-      REDIS_USER_PRIVATE_KEY: ${{ secrets.REDIS_USER_PRIVATE_KEY }}
     steps:
       - uses: actions/checkout@v3
       - uses: Vampire/setup-wsl@v2
diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index e2936e12..ddf539fb 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -287,99 +287,104 @@ public void TestJsonConvert()
         Assert.Equal(10, docs.Count());
     }
 
-    // [Fact]
-    // public void TestRedisCloudConnection()
-    // {
-    //     var root = Path.GetFullPath(Directory.GetCurrentDirectory());
-    //     var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
-    //     var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
-    //     var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
-
-    //     var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
-    //     var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
-
-    //     // Load the Redis credentials
-    //     var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
-    //     var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
-
-    //     var rsa = RSA.Create();
-
-    //     var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-    //     var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
-    //     var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
-
-    //     rsa.ImportRSAPrivateKey(binaryEncoding, out _);
-    //     redisUserCertificate.CopyWithPrivateKey(rsa);
-    //     rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
-    //     var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
-
-    //     // Connect to Redis Cloud
-    //     var redisConfiguration = new ConfigurationOptions
-    //     {
-    //         EndPoints = { endpoint },
-    //         Ssl = true,
-    //         Password = password
-    //     };
-
-    //     redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert;
-
-    //     redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
-    //     {
-    //         if (errors == SslPolicyErrors.None)
-    //         {
-    //             return true;
-    //         }
-
-    //         var privateChain = new X509Chain();
-    //         privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
-    //         X509Certificate2 cert2 = new X509Certificate2(cert!);
-    //         privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
-    //         privateChain.Build(cert2);
-
-    //         bool isValid = true;
-
-    //         // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
-    //         // matches our certificate, we know it's ok
-    //         foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x =>
-    //                      x.Status != X509ChainStatusFlags.UntrustedRoot))
-    //         {
-    //             if (chainStatus.Status != X509ChainStatusFlags.NoError)
-    //             {
-    //                 isValid = false;
-    //                 break;
-    //             }
-    //         }
-
-    //         return isValid;
-    //     };
-
-
-    //     var redis = ConnectionMultiplexer.Connect(redisConfiguration);
-    //     var db = redis.GetDatabase();
-    //     db.Ping();
-    // }
+    [Fact]
+    public void TestRedisCloudConnection()
+    {
+        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
+        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
+        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
+        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
+
+        var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
+        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
+
+        // Load the Redis credentials
+        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
+        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
+
+        var rsa = RSA.Create();
+
+        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+
+        rsa.ImportRSAPrivateKey(binaryEncoding, out _);
+        redisUserCertificate.CopyWithPrivateKey(rsa);
+        rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
+        var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
+
+        // Connect to Redis Cloud
+        var redisConfiguration = new ConfigurationOptions
+        {
+            EndPoints = { endpoint },
+            Ssl = true,
+            Password = password
+        };
+
+        redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert;
+
+        redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
+        {
+            if (errors == SslPolicyErrors.None)
+            {
+                return true;
+            }
+
+            var privateChain = new X509Chain();
+            privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
+            X509Certificate2 cert2 = new X509Certificate2(cert!);
+            privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
+            privateChain.Build(cert2);
+
+            bool isValid = true;
+
+            // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
+            // matches our certificate, we know it's ok
+            foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x =>
+                         x.Status != X509ChainStatusFlags.UntrustedRoot))
+            {
+                if (chainStatus.Status != X509ChainStatusFlags.NoError)
+                {
+                    isValid = false;
+                    break;
+                }
+            }
+
+            return isValid;
+        };
+
+
+        var redis = ConnectionMultiplexer.Connect(redisConfiguration);
+        var db = redis.GetDatabase();
+        db.Ping();
+    }
 
 #if NETCOREAPP3_1_OR_GREATER
     [Fact]
     public void TestRedisCloudConnection_DotnetCore3__()
     {
+        // Replace this with your own Redis Cloud credentials
+        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
+        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
+        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
+        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
+
         var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
         var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
-        var redisCa = Environment.GetEnvironmentVariable("REDIS_CA_PEM") ?? throw new Exception("REDIS_CA_PEM is not set.");
-        var redisUserCrt = Environment.GetEnvironmentVariable("REDIS_USER_CRT") ?? throw new Exception("REDIS_USER_CRT is not set.");
-        var redisUserPrivateKey = Environment.GetEnvironmentVariable("REDIS_USER_PRIVATE_KEY") ?? throw new Exception("REDIS_USER_PRIVATE_KEY is not set.");
 
         // Load the Redis credentials
-        var redisUserCertificate = new X509Certificate2(Convert.FromHexString(redisUserCrt));
-        var redisCaCertificate = new X509Certificate2(Convert.FromHexString(redisCa));
+        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
+        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
 
         var rsa = RSA.Create();
-        var pemFileData = redisUserPrivateKey.Split('\n').Where(x => !x.StartsWith("-"));
+
+        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
         var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
 
         rsa.ImportRSAPrivateKey(binaryEncoding, out _);
         redisUserCertificate.CopyWithPrivateKey(rsa);
-        rsa.ImportFromPem(redisUserPrivateKey.ToCharArray());
+        rsa.ImportFromPem(redisUserPrivateKeyText.ToCharArray());
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
 
         var sslOptions = new SslClientAuthenticationOptions
@@ -430,6 +435,10 @@ public void TestRedisCloudConnection_DotnetCore3__()
         var redis = ConnectionMultiplexer.Connect(redisConfiguration);
         var db = redis.GetDatabase();
         db.Ping();
+
+        db.StringSet("testKey", "testValue");
+        var value = db.StringGet("testKey");
+        Assert.Equal("testValue", value);
     }
 #endif
 }
\ No newline at end of file

From 4d4f8f418fe676aa25e302acd5f98c5c2759765a Mon Sep 17 00:00:00 2001
From: "Chayim I. Kirshen" <c@kirshen.com>
Date: Wed, 19 Apr 2023 15:06:55 +0300
Subject: [PATCH 15/38] quoting echo

---
 .github/workflows/integration.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index f4e135b5..7a1da7fa 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -41,9 +41,9 @@ jobs:
         run: dotnet build --no-restore /p:ContinuousIntegrationBuild=true
       - name: Test
         run: |
-          echo ${{secrets.REDIS_CA_PEM}} > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_ca.pem
-          echo ${{secrets.REDIS_USER_CRT}} > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_user.crt
-          echo ${{secrets.REDIS_USER_PRIVATE_KEY}} > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_user_private.key
+          echo "${{secrets.REDIS_CA_PEM}}" > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_ca.pem
+          echo "${{secrets.REDIS_USER_CRT}}" > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_user.crt
+          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests/NRedisStack.Tests/bin/Debug/net6.0/redis_user_private.key
           ls -R
           dotnet test -f net6.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
       - name: Test

From ea49edefc7c41099b6646e686147f1be576e6495 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 15:25:53 +0300
Subject: [PATCH 16/38] add files to net7.0

---
 .github/workflows/integration.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 7a1da7fa..6e128600 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -47,7 +47,12 @@ jobs:
           ls -R
           dotnet test -f net6.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
       - name: Test
-        run: dotnet test -f net7.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
+        run: |
+          echo "${{secrets.REDIS_CA_PEM}}" > tests/NRedisStack.Tests/bin/Debug/net7.0/redis_ca.pem
+          echo "${{secrets.REDIS_USER_CRT}}" > tests/NRedisStack.Tests/bin/Debug/net7.0/redis_user.crt
+          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests/NRedisStack.Tests/bin/Debug/net7.0/redis_user_private.key
+          ls -R
+          dotnet test -f net7.0 --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
       - name: Codecov
         uses: codecov/codecov-action@v3
         with:

From 7879a701a77a0f31f87c3e63fab94d2428a30e07 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 16:33:26 +0300
Subject: [PATCH 17/38] try #if !WINDOWS

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index ddf539fb..0d3907f9 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -287,6 +287,7 @@ public void TestJsonConvert()
         Assert.Equal(10, docs.Count());
     }
 
+    #if !WINDOWS
     [Fact]
     public void TestRedisCloudConnection()
     {
@@ -361,7 +362,7 @@ public void TestRedisCloudConnection()
 
 #if NETCOREAPP3_1_OR_GREATER
     [Fact]
-    public void TestRedisCloudConnection_DotnetCore3__()
+    public void TestRedisCloudConnection_DotnetCore3()
     {
         // Replace this with your own Redis Cloud credentials
         var root = Path.GetFullPath(Directory.GetCurrentDirectory());
@@ -441,4 +442,5 @@ public void TestRedisCloudConnection_DotnetCore3__()
         Assert.Equal("testValue", value);
     }
 #endif
+#endif
 }
\ No newline at end of file

From 45c00d078d27aff4643d6c29d879a12698e09a04 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 17:41:19 +0300
Subject: [PATCH 18/38] wrap all

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 0d3907f9..856d3055 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -7,6 +7,9 @@
 using NRedisStack.RedisStackCommands;
 using NRedisStack.Search;
 using NRedisStack.Search.Literals.Enums;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.OpenSsl;
 using StackExchange.Redis;
 using Xunit;
 
@@ -287,7 +290,7 @@ public void TestJsonConvert()
         Assert.Equal(10, docs.Count());
     }
 
-    #if !WINDOWS
+#if NETCOREAPP6_0_OR_GREATER
     [Fact]
     public void TestRedisCloudConnection()
     {
@@ -360,7 +363,6 @@ public void TestRedisCloudConnection()
         db.Ping();
     }
 
-#if NETCOREAPP3_1_OR_GREATER
     [Fact]
     public void TestRedisCloudConnection_DotnetCore3()
     {
@@ -442,5 +444,5 @@ public void TestRedisCloudConnection_DotnetCore3()
         Assert.Equal("testValue", value);
     }
 #endif
-#endif
+
 }
\ No newline at end of file

From c82357660be758d6ae6193d488142274e8581d9d Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Wed, 19 Apr 2023 17:48:45 +0300
Subject: [PATCH 19/38] delete usings

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 856d3055..6af35874 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -1,5 +1,4 @@
 using System.Net.Security;
-using System.Security.Authentication;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using Moq;
@@ -7,9 +6,6 @@
 using NRedisStack.RedisStackCommands;
 using NRedisStack.Search;
 using NRedisStack.Search.Literals.Enums;
-using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Math;
-using Org.BouncyCastle.OpenSsl;
 using StackExchange.Redis;
 using Xunit;
 

From d082e7311f8462c4b43fcd9d5fd95eb8c1961975 Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Wed, 19 Apr 2023 10:59:11 -0400
Subject: [PATCH 20/38] adding bouncyCastle+4.8.1 example

---
 .../Examples/ExamplesTests.cs                 | 106 +++++++++++++++++-
 .../NRedisStack.Tests.csproj                  |   1 +
 2 files changed, 106 insertions(+), 1 deletion(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 856d3055..e228b424 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -289,8 +289,112 @@ public void TestJsonConvert()
 
         Assert.Equal(10, docs.Count());
     }
+    
+#if NET481
+    [Fact]
+    public void TestRedisCloudConnection()
+    {
+        var root = Path.GetFullPath(Directory.GetCurrentDirectory());
+        var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
+        var redisUserCrtPath  = Path.GetFullPath(Path.Combine(root, "redis_user.crt"));
+        var redisUserPrivateKeyPath  = Path.GetFullPath(Path.Combine(root, "redis_user_private.key"));
+
+        var password = Environment.GetEnvironmentVariable("PASSWORD") ?? throw new Exception("PASSWORD is not set.");
+        var endpoint = Environment.GetEnvironmentVariable("ENDPOINT") ?? throw new Exception("ENDPOINT is not set.");
+
+        // Load the Redis credentials
+        var redisUserCertificate = new X509Certificate2(File.ReadAllBytes(redisUserCrtPath));
+        var redisCaCertificate = new X509Certificate2(File.ReadAllBytes(redisCaPath));
+
+        var rsa = RSA.Create();
+
+        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+        
+        rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyPath)));
+        redisUserCertificate.CopyWithPrivateKey(rsa);
+        rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyText)));
+        var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
+
+        // Connect to Redis Cloud
+        var redisConfiguration = new ConfigurationOptions
+        {
+            EndPoints = { endpoint },
+            Ssl = true,
+            Password = password
+        };
+
+        redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert;
+
+        redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
+        {
+            if (errors == SslPolicyErrors.None)
+            {
+                return true;
+            }
+
+            var privateChain = new X509Chain();
+            privateChain.ChainPolicy = new X509ChainPolicy { RevocationMode = X509RevocationMode.NoCheck };
+            X509Certificate2 cert2 = new X509Certificate2(cert!);
+            privateChain.ChainPolicy.ExtraStore.Add(redisCaCertificate);
+            privateChain.Build(cert2);
+
+            bool isValid = true;
+
+            // we're establishing the trust chain so if the only complaint is that that the root CA is untrusted, and the root CA root
+            // matches our certificate, we know it's ok
+            foreach (X509ChainStatus chainStatus in privateChain.ChainStatus.Where(x =>
+                         x.Status != X509ChainStatusFlags.UntrustedRoot))
+            {
+                if (chainStatus.Status != X509ChainStatusFlags.NoError)
+                {
+                    isValid = false;
+                    break;
+                }
+            }
+
+            return isValid;
+        };
+
+
+        var redis = ConnectionMultiplexer.Connect(redisConfiguration);
+        var db = redis.GetDatabase();
+        db.Ping();
+    }
+
+    public static RSAParameters ImportPrivateKey(string pem)
+    {
+        PemReader pr = new PemReader(new StringReader(pem));
+        RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pr.ReadObject();
+        RSAParameters rp = new RSAParameters();
+        rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
+        rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
+        rp.P = privKey.P.ToByteArrayUnsigned();
+        rp.Q = privKey.Q.ToByteArrayUnsigned();
+        rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
+        rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
+        rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
+        rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
+
+           
+        return rp;
+    }
+
+    private static byte[] ConvertRSAParametersField(BigInteger n, int size)
+    {
+        byte[] bs = n.ToByteArrayUnsigned();
+        if (bs.Length == size)
+            return bs;
+        if (bs.Length > size)
+            throw new ArgumentException("Specified size too small", "size");
+        byte[] padded = new byte[size];
+        Array.Copy(bs, 0, padded, size - bs.Length, bs.Length);
+        return padded;
+    }
+#endif
 
-#if NETCOREAPP6_0_OR_GREATER
+#if NET6_0_OR_GREATER
     [Fact]
     public void TestRedisCloudConnection()
     {
diff --git a/tests/NRedisStack.Tests/NRedisStack.Tests.csproj b/tests/NRedisStack.Tests/NRedisStack.Tests.csproj
index e34c4ec2..bc4184b6 100644
--- a/tests/NRedisStack.Tests/NRedisStack.Tests.csproj
+++ b/tests/NRedisStack.Tests/NRedisStack.Tests.csproj
@@ -26,6 +26,7 @@
     <PackageReference Include="StackExchange.Redis" Version="2.6.96" />
     <PackageReference Include="xunit" Version="2.4.1" />
     <PackageReference Include="xunit.assert" Version="2.4.1" />
+    <PackageReference Include="BouncyCastle.Cryptography" Version="2.2.0"/>
   </ItemGroup>
 
   <ItemGroup>

From 97851fa676da26d58af73144dbaf5b4011cc3fbb Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Wed, 19 Apr 2023 12:43:23 -0400
Subject: [PATCH 21/38] adding back usings

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 9316acb4..34fc170c 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -6,6 +6,9 @@
 using NRedisStack.RedisStackCommands;
 using NRedisStack.Search;
 using NRedisStack.Search.Literals.Enums;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.OpenSsl;
 using StackExchange.Redis;
 using Xunit;
 

From f46ee2505bd1a11f96ca2fdcad4e6c37c2caf1e3 Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Wed, 19 Apr 2023 13:15:55 -0400
Subject: [PATCH 22/38] echoing vars to files

---
 .github/workflows/integration.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 6e128600..cfef3c42 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -68,6 +68,9 @@ jobs:
       USER_NAME: ${{ secrets.USER_NAME }}
       PASSWORD: ${{ secrets.PASSWORD }}
       ENDPOINT: ${{ secrets.ENDPOINT }}
+      REDIS_CA_PEM: ${{secrets.REDIS_CA_PEM}}
+      REDIS_USER_CRT: ${{secrets.REDIS_USER_CRT}}
+      REDIS_USER_PRIVATE_KEY: ${{secrets.REDIS_USER_PRIVATE_KEY}}
     steps:
       - uses: actions/checkout@v3
       - uses: Vampire/setup-wsl@v2
@@ -87,5 +90,8 @@ jobs:
       - name: Test
         shell: cmd
         run: |
+          echo.%REDIS_CA_PEM% >> tests\NRedisStack.Tests\bin\Debug\net481\redis_ca.pem
+          echo.%REDIS_USER_CRT% >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user.crt
+          echo.%REDIS_USER_PRIVATE_KEY% >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user_private.key
           START wsl ./redis-stack-server-${{env.redis_stack_version}}/bin/redis-stack-server &
           dotnet test -f net481 --no-build --verbosity normal

From 24abe51d4eddcddbb32036a8156fdf1bfd943d34 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 24 Apr 2023 16:37:35 +0300
Subject: [PATCH 23/38] same pattern for windows

---
 .github/workflows/integration.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index cfef3c42..15543367 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -68,9 +68,6 @@ jobs:
       USER_NAME: ${{ secrets.USER_NAME }}
       PASSWORD: ${{ secrets.PASSWORD }}
       ENDPOINT: ${{ secrets.ENDPOINT }}
-      REDIS_CA_PEM: ${{secrets.REDIS_CA_PEM}}
-      REDIS_USER_CRT: ${{secrets.REDIS_USER_CRT}}
-      REDIS_USER_PRIVATE_KEY: ${{secrets.REDIS_USER_PRIVATE_KEY}}
     steps:
       - uses: actions/checkout@v3
       - uses: Vampire/setup-wsl@v2
@@ -90,8 +87,8 @@ jobs:
       - name: Test
         shell: cmd
         run: |
-          echo.%REDIS_CA_PEM% >> tests\NRedisStack.Tests\bin\Debug\net481\redis_ca.pem
-          echo.%REDIS_USER_CRT% >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user.crt
-          echo.%REDIS_USER_PRIVATE_KEY% >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user_private.key
+          echo "${{secrets.REDIS_CA_PEM}}" > tests\NRedisStack.Tests\bin\Debug\net481\redis_ca.pem
+          echo "${{secrets.REDIS_USER_CRT}}" > tests\NRedisStack.Tests\bin\Debug\net481\redis_user.crt
+          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests\NRedisStack.Tests\bin\Debug\net481\redis_user_private.key
           START wsl ./redis-stack-server-${{env.redis_stack_version}}/bin/redis-stack-server &
           dotnet test -f net481 --no-build --verbosity normal

From 74826dd2bc03234e96e176de4dec8a484b692185 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 24 Apr 2023 17:00:15 +0300
Subject: [PATCH 24/38] try different way

---
 .github/workflows/integration.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 15543367..40d289ae 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -87,8 +87,8 @@ jobs:
       - name: Test
         shell: cmd
         run: |
-          echo "${{secrets.REDIS_CA_PEM}}" > tests\NRedisStack.Tests\bin\Debug\net481\redis_ca.pem
-          echo "${{secrets.REDIS_USER_CRT}}" > tests\NRedisStack.Tests\bin\Debug\net481\redis_user.crt
-          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests\NRedisStack.Tests\bin\Debug\net481\redis_user_private.key
+          echo.%"${{secrets.REDIS_CA_PEM}}" >> tests\NRedisStack.Tests\bin\Debug\net481\redis_ca.pem
+          echo.%"${{secrets.REDIS_USER_CRT}}" >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user.crt
+          echo.%"${{secrets.REDIS_USER_PRIVATE_KEY}}" >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user_private.key
           START wsl ./redis-stack-server-${{env.redis_stack_version}}/bin/redis-stack-server &
           dotnet test -f net481 --no-build --verbosity normal

From 663656c6b25c3c4a244f67abe1719411a67065bd Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Tue, 25 Apr 2023 09:54:47 +0300
Subject: [PATCH 25/38] Save test certificates with wsl-bash

---
 .github/workflows/integration.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 40d289ae..8ad62687 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -84,11 +84,15 @@ jobs:
         run: dotnet restore
       - name: Build
         run: dotnet build --no-restore /p:ContinuousIntegrationBuild=true
+      - name: Save test certificates
+        shell: wsl-bash {0}
+        run: |
+          echo "${{secrets.REDIS_CA_PEM}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_ca.pem
+          echo "${{secrets.REDIS_USER_CRT}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_user.crt
+          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_user_private.key
+          ls -R
       - name: Test
         shell: cmd
         run: |
-          echo.%"${{secrets.REDIS_CA_PEM}}" >> tests\NRedisStack.Tests\bin\Debug\net481\redis_ca.pem
-          echo.%"${{secrets.REDIS_USER_CRT}}" >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user.crt
-          echo.%"${{secrets.REDIS_USER_PRIVATE_KEY}}" >> tests\NRedisStack.Tests\bin\Debug\net481\redis_user_private.key
           START wsl ./redis-stack-server-${{env.redis_stack_version}}/bin/redis-stack-server &
           dotnet test -f net481 --no-build --verbosity normal

From d78893f36c5e291d6a238e3e272e6e7edfb70fe6 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Tue, 25 Apr 2023 11:24:17 +0300
Subject: [PATCH 26/38] trying

---
 .github/workflows/integration.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 8ad62687..c900d765 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -87,10 +87,16 @@ jobs:
       - name: Save test certificates
         shell: wsl-bash {0}
         run: |
-          echo "${{secrets.REDIS_CA_PEM}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_ca.pem
-          echo "${{secrets.REDIS_USER_CRT}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_user.crt
-          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_user_private.key
+          echo "${{secrets.REDIS_CA_PEM}}" > redis_ca.pem
+          echo "${{secrets.REDIS_USER_CRT}}" > redis_user.crt
+          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > redis_user_private.key
           ls -R
+      - name: Copy test certificates
+        run: |
+          mkdir -p tests/NRedisStack.Tests/bin/Debug/net481/
+          cp redis_ca.pem tests/NRedisStack.Tests/bin/Debug/net481/
+          cp redis_user.crt tests/NRedisStack.Tests/bin/Debug/net481/
+          cp redis_user_private.key tests/NRedisStack.Tests/bin/Debug/net481/
       - name: Test
         shell: cmd
         run: |

From 7b2eeef3ab38aebef10c0e5a1e571526cc96887a Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Tue, 25 Apr 2023 12:00:16 +0300
Subject: [PATCH 27/38] delete mkdir line

---
 .github/workflows/integration.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index c900d765..48fc935b 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -93,10 +93,10 @@ jobs:
           ls -R
       - name: Copy test certificates
         run: |
-          mkdir -p tests/NRedisStack.Tests/bin/Debug/net481/
           cp redis_ca.pem tests/NRedisStack.Tests/bin/Debug/net481/
           cp redis_user.crt tests/NRedisStack.Tests/bin/Debug/net481/
           cp redis_user_private.key tests/NRedisStack.Tests/bin/Debug/net481/
+          ls -R
       - name: Test
         shell: cmd
         run: |

From 244ba7bc66f34433a7822b6e59bda116fb135204 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Tue, 25 Apr 2023 12:35:15 +0300
Subject: [PATCH 28/38] one run try

---
 .github/workflows/integration.yml | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 48fc935b..e765dd6b 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -90,9 +90,6 @@ jobs:
           echo "${{secrets.REDIS_CA_PEM}}" > redis_ca.pem
           echo "${{secrets.REDIS_USER_CRT}}" > redis_user.crt
           echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > redis_user_private.key
-          ls -R
-      - name: Copy test certificates
-        run: |
           cp redis_ca.pem tests/NRedisStack.Tests/bin/Debug/net481/
           cp redis_user.crt tests/NRedisStack.Tests/bin/Debug/net481/
           cp redis_user_private.key tests/NRedisStack.Tests/bin/Debug/net481/

From bb9e4f63c37f590675ff7aac6c9ccc3ff2ad6eb4 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Tue, 25 Apr 2023 12:46:56 +0300
Subject: [PATCH 29/38] return back

---
 .github/workflows/integration.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index e765dd6b..8ad62687 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -87,12 +87,9 @@ jobs:
       - name: Save test certificates
         shell: wsl-bash {0}
         run: |
-          echo "${{secrets.REDIS_CA_PEM}}" > redis_ca.pem
-          echo "${{secrets.REDIS_USER_CRT}}" > redis_user.crt
-          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > redis_user_private.key
-          cp redis_ca.pem tests/NRedisStack.Tests/bin/Debug/net481/
-          cp redis_user.crt tests/NRedisStack.Tests/bin/Debug/net481/
-          cp redis_user_private.key tests/NRedisStack.Tests/bin/Debug/net481/
+          echo "${{secrets.REDIS_CA_PEM}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_ca.pem
+          echo "${{secrets.REDIS_USER_CRT}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_user.crt
+          echo "${{secrets.REDIS_USER_PRIVATE_KEY}}" > tests/NRedisStack.Tests/bin/Debug/net481/redis_user_private.key
           ls -R
       - name: Test
         shell: cmd

From 75fe572222d2d06f39d03fac61a207af25252e4d Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Sun, 30 Apr 2023 13:23:18 +0300
Subject: [PATCH 30/38] add .env to gitignor

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 67c1878c..3cf3c6c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -404,3 +404,4 @@ tests/NRedisStack.Tests/.env
 tests/NRedisStack.Tests/redis_ca.pem
 tests/NRedisStack.Tests/redis_credentials/redis_user_private.key
 tests/NRedisStack.Tests/redis_credentials/redis_user.crt
+.env

From 0c28eeb0bbe3ea6d9fc03cea470ddbe8645bd292 Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 1 May 2023 11:50:29 +0300
Subject: [PATCH 31/38] change ImportPrivateKey

---
 .../Examples/ExamplesTests.cs                  | 18 +++---------------
 1 file changed, 3 insertions(+), 15 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 0d1f1360..131828ba 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -319,7 +319,7 @@ public void TestRedisCloudConnection()
         var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
         var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
         var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
-        
+
         rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyPath)));
         redisUserCertificate.CopyWithPrivateKey(rsa);
         rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyText)));
@@ -373,20 +373,8 @@ public void TestRedisCloudConnection()
 
     public static RSAParameters ImportPrivateKey(string pem)
     {
-        PemReader pr = new PemReader(new StringReader(pem));
-        RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pr.ReadObject();
-        RSAParameters rp = new RSAParameters();
-        rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
-        rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
-        rp.P = privKey.P.ToByteArrayUnsigned();
-        rp.Q = privKey.Q.ToByteArrayUnsigned();
-        rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
-        rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
-        rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
-        rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
-
-           
-        return rp;
+        var rsa = RSA.FromPemString(pem);
+        return rsa.Parameters;
     }
 
     private static byte[] ConvertRSAParametersField(BigInteger n, int size)

From e30e2c5e2d87b33128b6807d189561122e0c0fae Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 1 May 2023 11:55:23 +0300
Subject: [PATCH 32/38] return to how it was before

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 131828ba..5c36cdd4 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -373,8 +373,19 @@ public void TestRedisCloudConnection()
 
     public static RSAParameters ImportPrivateKey(string pem)
     {
-        var rsa = RSA.FromPemString(pem);
-        return rsa.Parameters;
+        PemReader pr = new PemReader(new StringReader(pem));
+        RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pr.ReadObject();
+        RSAParameters rp = new RSAParameters();
+        rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
+        rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
+        rp.P = privKey.P.ToByteArrayUnsigned();
+        rp.Q = privKey.Q.ToByteArrayUnsigned();
+        rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
+        rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
+        rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
+        rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
+
+        return rp;
     }
 
     private static byte[] ConvertRSAParametersField(BigInteger n, int size)

From f450a89b3437c451dcd5694b28ff949b1c2fc32f Mon Sep 17 00:00:00 2001
From: shacharPash <shachar.pashchur@redis.com>
Date: Mon, 1 May 2023 14:44:04 +0300
Subject: [PATCH 33/38] comment repeated lines

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 5c36cdd4..15f558df 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -317,12 +317,12 @@ public void TestRedisCloudConnection()
         var rsa = RSA.Create();
 
         var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
-        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+        // var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
+        // var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
 
-        rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyPath)));
-        redisUserCertificate.CopyWithPrivateKey(rsa);
-        rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyText)));
+        rsa.ImportParameters(ImportPrivateKey(redisUserPrivateKeyText));
+        // redisUserCertificate.CopyWithPrivateKey(rsa);
+        // rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyText)));
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
 
         // Connect to Redis Cloud

From e646964a11a3ec27966bb53dc4d5c3fb6930cccb Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Mon, 1 May 2023 08:38:45 -0400
Subject: [PATCH 34/38] fixing 4.8.1 tests

---
 .../Examples/ExamplesTests.cs                 | 41 +++++++++++--------
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 5c36cdd4..6382c139 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -7,6 +7,7 @@
 using NRedisStack.Search;
 using NRedisStack.Search.Aggregation;
 using NRedisStack.Search.Literals.Enums;
+using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.OpenSsl;
@@ -300,7 +301,7 @@ public void TestJsonConvert()
 
 #if NET481
     [Fact]
-    public void TestRedisCloudConnection()
+    public void TestRedisCloudConnection_net481()
     {
         var root = Path.GetFullPath(Directory.GetCurrentDirectory());
         var redisCaPath = Path.GetFullPath(Path.Combine(root, "redis_ca.pem"));
@@ -317,12 +318,8 @@ public void TestRedisCloudConnection()
         var rsa = RSA.Create();
 
         var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-        var pemFileData = File.ReadAllLines(redisUserPrivateKeyPath).Where(x => !x.StartsWith("-"));
-        var binaryEncoding = Convert.FromBase64String(string.Join(null, pemFileData));
+        rsa.ImportParameters(ImportPrivateKey(redisUserPrivateKeyText));
 
-        rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyPath)));
-        redisUserCertificate.CopyWithPrivateKey(rsa);
-        rsa.ImportParameters(ImportPrivateKey(File.ReadAllText(redisUserPrivateKeyText)));
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
 
         // Connect to Redis Cloud
@@ -333,7 +330,7 @@ public void TestRedisCloudConnection()
             Password = password
         };
 
-        redisConfiguration.CertificateSelection += (_, _, _, _, _) => clientCert;
+        redisConfiguration.CertificateSelection += (_, _, _, _, _) => new X509Certificate2(clientCert.Export(X509ContentType.Pfx));
 
         redisConfiguration.CertificateValidation += (_, cert, _, errors) =>
         {
@@ -373,18 +370,26 @@ public void TestRedisCloudConnection()
 
     public static RSAParameters ImportPrivateKey(string pem)
     {
-        PemReader pr = new PemReader(new StringReader(pem));
-        RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pr.ReadObject();
+        using var sr = new StringReader(pem);
+        PemReader pr = new PemReader(sr);
         RSAParameters rp = new RSAParameters();
-        rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
-        rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
-        rp.P = privKey.P.ToByteArrayUnsigned();
-        rp.Q = privKey.Q.ToByteArrayUnsigned();
-        rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
-        rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
-        rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
-        rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
-
+        while (sr.Peek() != -1)
+        {
+            var privKey = pr.ReadObject() as AsymmetricCipherKeyPair;
+            var pkParamaters = (RsaPrivateCrtKeyParameters)privKey.Private;
+            if (privKey != null)
+            {
+                rp.Modulus = pkParamaters.Modulus.ToByteArrayUnsigned();
+                rp.Exponent = pkParamaters.PublicExponent.ToByteArrayUnsigned();
+                rp.P = pkParamaters.P.ToByteArrayUnsigned();
+                rp.Q = pkParamaters.Q.ToByteArrayUnsigned();
+                rp.D = ConvertRSAParametersField(pkParamaters.Exponent, rp.Modulus.Length);
+                rp.DP = ConvertRSAParametersField(pkParamaters.DP, rp.P.Length);
+                rp.DQ = ConvertRSAParametersField(pkParamaters.DQ, rp.Q.Length);
+                rp.InverseQ = ConvertRSAParametersField(pkParamaters.QInv, rp.Q.Length);
+            }
+        }
+        pr.ReadObject();
         return rp;
     }
 

From a5eaf029f6ba65b5d4a5b2fb9217a6c018b0aae5 Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Mon, 1 May 2023 08:52:48 -0400
Subject: [PATCH 35/38] adding some light debugging

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 6382c139..016f740b 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -13,15 +13,20 @@
 using Org.BouncyCastle.OpenSsl;
 using StackExchange.Redis;
 using Xunit;
+using Xunit.Abstractions;
 using static NRedisStack.Search.Schema;
 
 namespace NRedisStack.Tests;
 
 public class ExaplesTests : AbstractNRedisStackTest, IDisposable
 {
+    private readonly ITestOutputHelper testOutputHelper;
     Mock<IDatabase> _mock = new Mock<IDatabase>();
     private readonly string key = "EXAMPLES_TESTS";
-    public ExaplesTests(RedisFixture redisFixture) : base(redisFixture) { }
+    public ExaplesTests(RedisFixture redisFixture, ITestOutputHelper testOutputHelper) : base(redisFixture)
+    {
+        this.testOutputHelper = testOutputHelper;
+    }
 
     public void Dispose()
     {
@@ -318,6 +323,7 @@ public void TestRedisCloudConnection_net481()
         var rsa = RSA.Create();
 
         var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
+        testOutputHelper.WriteLine($"key length: {redisUserPrivateKeyText.Length} and starts with {redisUserPrivateKeyText.Substring(0,5)}");
         rsa.ImportParameters(ImportPrivateKey(redisUserPrivateKeyText));
 
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);
@@ -376,9 +382,9 @@ public static RSAParameters ImportPrivateKey(string pem)
         while (sr.Peek() != -1)
         {
             var privKey = pr.ReadObject() as AsymmetricCipherKeyPair;
-            var pkParamaters = (RsaPrivateCrtKeyParameters)privKey.Private;
             if (privKey != null)
             {
+                var pkParamaters = (RsaPrivateCrtKeyParameters)privKey.Private;
                 rp.Modulus = pkParamaters.Modulus.ToByteArrayUnsigned();
                 rp.Exponent = pkParamaters.PublicExponent.ToByteArrayUnsigned();
                 rp.P = pkParamaters.P.ToByteArrayUnsigned();
@@ -388,6 +394,10 @@ public static RSAParameters ImportPrivateKey(string pem)
                 rp.DQ = ConvertRSAParametersField(pkParamaters.DQ, rp.Q.Length);
                 rp.InverseQ = ConvertRSAParametersField(pkParamaters.QInv, rp.Q.Length);
             }
+            else
+            {
+                throw new ArgumentException("Pem is malformed and could not be parsed");
+            }
         }
         pr.ReadObject();
         return rp;

From 1966aea2d1839a3f67832bfcc6f6855b1475b424 Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Mon, 1 May 2023 08:59:46 -0400
Subject: [PATCH 36/38] could it be?

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 016f740b..8e607658 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -323,7 +323,7 @@ public void TestRedisCloudConnection_net481()
         var rsa = RSA.Create();
 
         var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-        testOutputHelper.WriteLine($"key length: {redisUserPrivateKeyText.Length} and starts with {redisUserPrivateKeyText.Substring(0,5)}");
+        testOutputHelper.WriteLine($"key length: {redisUserPrivateKeyText.Length} and starts with {redisUserPrivateKeyText.Substring(0,5)} and ends with {redisUserPrivateKeyText.Substring(redisUserPrivateKeyText.Length-6)}");
         rsa.ImportParameters(ImportPrivateKey(redisUserPrivateKeyText));
 
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);

From 7f10958a3f81b315f202a89d63d7ee5bfd1e1ee3 Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Mon, 1 May 2023 09:15:09 -0400
Subject: [PATCH 37/38] adding trim

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index 8e607658..b23a5b08 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -322,8 +322,8 @@ public void TestRedisCloudConnection_net481()
 
         var rsa = RSA.Create();
 
-        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath);
-        testOutputHelper.WriteLine($"key length: {redisUserPrivateKeyText.Length} and starts with {redisUserPrivateKeyText.Substring(0,5)} and ends with {redisUserPrivateKeyText.Substring(redisUserPrivateKeyText.Length-6)}");
+        var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath).Trim();
+        testOutputHelper.WriteLine($"key length: {redisUserPrivateKeyText.Length} and starts with {redisUserPrivateKeyText.Substring(0,5)} and ends with {redisUserPrivateKeyText.Substring(redisUserPrivateKeyText.Length-5)}");
         rsa.ImportParameters(ImportPrivateKey(redisUserPrivateKeyText));
 
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);

From ad11e0bb6df81af538579ad71d735e27325573ae Mon Sep 17 00:00:00 2001
From: slorello89 <slorello89@gmail.com>
Date: Mon, 1 May 2023 09:24:04 -0400
Subject: [PATCH 38/38] removing debugging

---
 tests/NRedisStack.Tests/Examples/ExamplesTests.cs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
index b23a5b08..d95fc2da 100644
--- a/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
+++ b/tests/NRedisStack.Tests/Examples/ExamplesTests.cs
@@ -323,7 +323,6 @@ public void TestRedisCloudConnection_net481()
         var rsa = RSA.Create();
 
         var redisUserPrivateKeyText = File.ReadAllText(redisUserPrivateKeyPath).Trim();
-        testOutputHelper.WriteLine($"key length: {redisUserPrivateKeyText.Length} and starts with {redisUserPrivateKeyText.Substring(0,5)} and ends with {redisUserPrivateKeyText.Substring(redisUserPrivateKeyText.Length-5)}");
         rsa.ImportParameters(ImportPrivateKey(redisUserPrivateKeyText));
 
         var clientCert = redisUserCertificate.CopyWithPrivateKey(rsa);