Log dotnet trust success

amcasey · amcasey · commit 6ae6f65e831a · 2024-07-23T16:38:27.000-07:00
diff --git a/src/Shared/CertificateGeneration/CertificateManager.cs b/src/Shared/CertificateGeneration/CertificateManager.cs
@@ -1135,83 +1135,86 @@ public sealed class CertificateManagerEventSource : EventSource
         [Event(86, Level = EventLevel.Warning, Message = "Failed to trust the certificate in .NET: {0}.")]
         internal void UnixDotnetTrustException(string exceptionMessage) => WriteEvent(86, exceptionMessage);
 
-        [Event(87, Level = EventLevel.Warning, Message = "Clients that validate certificate trust using OpenSSL will not trust the certificate.")]
-        internal void UnixOpenSslTrustFailed() => WriteEvent(87);
+        [Event(87, Level = EventLevel.Verbose, Message = "Trusted the certificate in .NET.")]
+        internal void UnixDotnetTrustSucceeded() => WriteEvent(87);
 
-        [Event(88, Level = EventLevel.Verbose, Message = "Trusted the certificate in OpenSSL.")]
-        internal void UnixOpenSslTrustSucceeded() => WriteEvent(88);
+        [Event(88, Level = EventLevel.Warning, Message = "Clients that validate certificate trust using OpenSSL will not trust the certificate.")]
+        internal void UnixOpenSslTrustFailed() => WriteEvent(88);
 
-        [Event(89, Level = EventLevel.Warning, Message = "Failed to trust the certificate in the NSS database in '{0}'. This will likely affect the {1} family of browsers.")]
-        internal void UnixNssDbTrustFailed(string path, string browser) => WriteEvent(89, path, browser);
+        [Event(89, Level = EventLevel.Verbose, Message = "Trusted the certificate in OpenSSL.")]
+        internal void UnixOpenSslTrustSucceeded() => WriteEvent(89);
 
-        [Event(90, Level = EventLevel.Verbose, Message = "Trusted the certificate in the NSS database in '{0}'.")]
-        internal void UnixNssDbTrustSucceeded(string path) => WriteEvent(90, path);
+        [Event(90, Level = EventLevel.Warning, Message = "Failed to trust the certificate in the NSS database in '{0}'. This will likely affect the {1} family of browsers.")]
+        internal void UnixNssDbTrustFailed(string path, string browser) => WriteEvent(90, path, browser);
 
-        [Event(91, Level = EventLevel.Warning, Message = "Failed to untrust the certificate in .NET: {0}.")]
-        internal void UnixDotnetUntrustException(string exceptionMessage) => WriteEvent(91, exceptionMessage);
+        [Event(91, Level = EventLevel.Verbose, Message = "Trusted the certificate in the NSS database in '{0}'.")]
+        internal void UnixNssDbTrustSucceeded(string path) => WriteEvent(91, path);
 
-        [Event(92, Level = EventLevel.Warning, Message = "Failed to untrust the certificate in OpenSSL.")]
-        internal void UnixOpenSslUntrustFailed() => WriteEvent(92);
+        [Event(92, Level = EventLevel.Warning, Message = "Failed to untrust the certificate in .NET: {0}.")]
+        internal void UnixDotnetUntrustException(string exceptionMessage) => WriteEvent(92, exceptionMessage);
 
-        [Event(93, Level = EventLevel.Verbose, Message = "Untrusted the certificate in OpenSSL.")]
-        internal void UnixOpenSslUntrustSucceeded() => WriteEvent(93);
+        [Event(93, Level = EventLevel.Warning, Message = "Failed to untrust the certificate in OpenSSL.")]
+        internal void UnixOpenSslUntrustFailed() => WriteEvent(93);
 
-        [Event(94, Level = EventLevel.Warning, Message = "Failed to remove the certificate from the NSS database in '{0}'.")]
-        internal void UnixNssDbUntrustFailed(string path) => WriteEvent(94, path);
+        [Event(94, Level = EventLevel.Verbose, Message = "Untrusted the certificate in OpenSSL.")]
+        internal void UnixOpenSslUntrustSucceeded() => WriteEvent(94);
 
-        [Event(95, Level = EventLevel.Verbose, Message = "Removed the certificate from the NSS database in '{0}'.")]
-        internal void UnixNssDbUntrustSucceeded(string path) => WriteEvent(95, path);
+        [Event(95, Level = EventLevel.Warning, Message = "Failed to remove the certificate from the NSS database in '{0}'.")]
+        internal void UnixNssDbUntrustFailed(string path) => WriteEvent(95, path);
 
-        [Event(96, Level = EventLevel.Warning, Message = "The certificate is only partially trusted - some clients will not accept it.")]
-        internal void UnixTrustPartiallySucceeded() => WriteEvent(96);
+        [Event(96, Level = EventLevel.Verbose, Message = "Removed the certificate from the NSS database in '{0}'.")]
+        internal void UnixNssDbUntrustSucceeded(string path) => WriteEvent(96, path);
 
-        [Event(97, Level = EventLevel.Warning, Message = "Failed to look up the certificate in the NSS database in '{0}': {1}.")]
-        internal void UnixNssDbCheckException(string path, string exceptionMessage) => WriteEvent(97, path, exceptionMessage);
+        [Event(97, Level = EventLevel.Warning, Message = "The certificate is only partially trusted - some clients will not accept it.")]
+        internal void UnixTrustPartiallySucceeded() => WriteEvent(97);
 
-        [Event(98, Level = EventLevel.Warning, Message = "Failed to add the certificate to the NSS database in '{0}': {1}.")]
-        internal void UnixNssDbAdditionException(string path, string exceptionMessage) => WriteEvent(98, path, exceptionMessage);
+        [Event(98, Level = EventLevel.Warning, Message = "Failed to look up the certificate in the NSS database in '{0}': {1}.")]
+        internal void UnixNssDbCheckException(string path, string exceptionMessage) => WriteEvent(98, path, exceptionMessage);
 
-        [Event(99, Level = EventLevel.Warning, Message = "Failed to remove the certificate from the NSS database in '{0}': {1}.")]
-        internal void UnixNssDbRemovalException(string path, string exceptionMessage) => WriteEvent(99, path, exceptionMessage);
+        [Event(99, Level = EventLevel.Warning, Message = "Failed to add the certificate to the NSS database in '{0}': {1}.")]
+        internal void UnixNssDbAdditionException(string path, string exceptionMessage) => WriteEvent(99, path, exceptionMessage);
 
-        [Event(100, Level = EventLevel.Warning, Message = "Failed to find the Firefox profiles in directory '{0}': {1}.")]
-        internal void UnixFirefoxProfileEnumerationException(string firefoxDirectory, string message) => WriteEvent(100, firefoxDirectory, message);
+        [Event(100, Level = EventLevel.Warning, Message = "Failed to remove the certificate from the NSS database in '{0}': {1}.")]
+        internal void UnixNssDbRemovalException(string path, string exceptionMessage) => WriteEvent(100, path, exceptionMessage);
 
-        [Event(101, Level = EventLevel.Verbose, Message = "No Firefox profiles found in directory '{0}'.")]
-        internal void UnixNoFirefoxProfilesFound(string firefoxDirectory) => WriteEvent(101, firefoxDirectory);
+        [Event(101, Level = EventLevel.Warning, Message = "Failed to find the Firefox profiles in directory '{0}': {1}.")]
+        internal void UnixFirefoxProfileEnumerationException(string firefoxDirectory, string message) => WriteEvent(101, firefoxDirectory, message);
 
-        [Event(102, Level = EventLevel.Warning, Message = "Failed to trust the certificate in the NSS database in '{0}'. This will likely affect the {1} family of browsers. " +
+        [Event(102, Level = EventLevel.Verbose, Message = "No Firefox profiles found in directory '{0}'.")]
+        internal void UnixNoFirefoxProfilesFound(string firefoxDirectory) => WriteEvent(102, firefoxDirectory);
+
+        [Event(103, Level = EventLevel.Warning, Message = "Failed to trust the certificate in the NSS database in '{0}'. This will likely affect the {1} family of browsers. " +
             "This likely indicates that the database already contains an entry for the certificate under a different name. Please remove it and try again.")]
-        internal void UnixNssDbTrustFailedWithProbableConflict(string path, string browser) => WriteEvent(102, path, browser);
+        internal void UnixNssDbTrustFailedWithProbableConflict(string path, string browser) => WriteEvent(103, path, browser);
 
         // This may be annoying, since anyone setting the variable for un/trust will likely leave it set for --check.
         // However, it seems important to warn users who set it specifically for --check.
-        [Event(103, Level = EventLevel.Warning, Message = "The {0} environment variable is set but will not be consumed while checking trust.")]
-        internal void UnixOpenSslCertificateDirectoryOverrideIgnored(string openSslCertDirectoryOverrideVariableName) => WriteEvent(103, openSslCertDirectoryOverrideVariableName);
+        [Event(104, Level = EventLevel.Warning, Message = "The {0} environment variable is set but will not be consumed while checking trust.")]
+        internal void UnixOpenSslCertificateDirectoryOverrideIgnored(string openSslCertDirectoryOverrideVariableName) => WriteEvent(104, openSslCertDirectoryOverrideVariableName);
 
-        [Event(104, Level = EventLevel.Warning, Message = "The {0} command is unavailable.  It is required for updating certificate trust in OpenSSL.")]
-        internal void UnixMissingOpenSslCommand(string openSslCommand) => WriteEvent(104, openSslCommand);
+        [Event(105, Level = EventLevel.Warning, Message = "The {0} command is unavailable.  It is required for updating certificate trust in OpenSSL.")]
+        internal void UnixMissingOpenSslCommand(string openSslCommand) => WriteEvent(105, openSslCommand);
 
-        [Event(105, Level = EventLevel.Warning, Message = "The {0} command is unavailable.  It is required for querying and updating NSS databases, which are chiefly used to trust certificates in browsers.")]
-        internal void UnixMissingCertUtilCommand(string certUtilCommand) => WriteEvent(105, certUtilCommand);
+        [Event(106, Level = EventLevel.Warning, Message = "The {0} command is unavailable.  It is required for querying and updating NSS databases, which are chiefly used to trust certificates in browsers.")]
+        internal void UnixMissingCertUtilCommand(string certUtilCommand) => WriteEvent(106, certUtilCommand);
 
-        [Event(106, Level = EventLevel.Verbose, Message = "Untrusting the certificate in OpenSSL was skipped since '{0}' does not exist.")]
-        internal void UnixOpenSslUntrustSkipped(string certPath) => WriteEvent(106, certPath);
+        [Event(107, Level = EventLevel.Verbose, Message = "Untrusting the certificate in OpenSSL was skipped since '{0}' does not exist.")]
+        internal void UnixOpenSslUntrustSkipped(string certPath) => WriteEvent(107, certPath);
 
-        [Event(107, Level = EventLevel.Warning, Message = "Failed to delete certificate file '{0}': {1}.")]
-        internal void UnixCertificateFileDeletionException(string certPath, string exceptionMessage) => WriteEvent(107, certPath, exceptionMessage);
+        [Event(108, Level = EventLevel.Warning, Message = "Failed to delete certificate file '{0}': {1}.")]
+        internal void UnixCertificateFileDeletionException(string certPath, string exceptionMessage) => WriteEvent(108, certPath, exceptionMessage);
 
-        [Event(108, Level = EventLevel.Error, Message = "Unable to export the certificate since '{0}' already exists. Please remove it.")]
-        internal void UnixNotOverwritingCertificate(string certPath) => WriteEvent(108, certPath);
+        [Event(109, Level = EventLevel.Error, Message = "Unable to export the certificate since '{0}' already exists. Please remove it.")]
+        internal void UnixNotOverwritingCertificate(string certPath) => WriteEvent(109, certPath);
 
-        [Event(109, Level = EventLevel.LogAlways, Message = "For OpenSSL trust to take effect, '{0}' must be listed in the {2} environment variable. " +
+        [Event(110, Level = EventLevel.LogAlways, Message = "For OpenSSL trust to take effect, '{0}' must be listed in the {2} environment variable. " +
             "For example, `export SSL_CERT_DIR={0}:{1}`. " +
             "See https://aka.ms/dev-certs-trust for more information.")]
-        internal void UnixSuggestSettingEnvironmentVariable(string certDir, string openSslDir, string envVarName) => WriteEvent(109, certDir, openSslDir, envVarName);
+        internal void UnixSuggestSettingEnvironmentVariable(string certDir, string openSslDir, string envVarName) => WriteEvent(110, certDir, openSslDir, envVarName);
 
-        [Event(110, Level = EventLevel.LogAlways, Message = "For OpenSSL trust to take effect, '{0}' must be listed in the {2} environment variable. " +
+        [Event(111, Level = EventLevel.LogAlways, Message = "For OpenSSL trust to take effect, '{0}' must be listed in the {2} environment variable. " +
             "See https://aka.ms/dev-certs-trust for more information.")]
-        internal void UnixSuggestSettingEnvironmentVariableWithoutExample(string certDir, string envVarName) => WriteEvent(110, certDir, envVarName);
+        internal void UnixSuggestSettingEnvironmentVariableWithoutExample(string certDir, string envVarName) => WriteEvent(111, certDir, envVarName);
     }
 
     internal sealed class UserCancelledTrustException : Exception
diff --git a/src/Shared/CertificateGeneration/UnixCertificateManager.cs b/src/Shared/CertificateGeneration/UnixCertificateManager.cs
@@ -196,6 +196,7 @@ protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate)
                 using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert));
                 // FriendlyName is Windows-only, so we don't set it here.
                 store.Add(publicCertificate);
+                Log.UnixDotnetTrustSucceeded();
                 sawTrustSuccess = true;
             }
             catch (Exception ex)

Original file line number	Diff line number	Diff line change
`@@ -196,6 +196,7 @@ protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate)`
`196`	`196`	`using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert));`
`197`	`197`	`// FriendlyName is Windows-only, so we don't set it here.`
`198`	`198`	`store.Add(publicCertificate);`
	`199`	`+ Log.UnixDotnetTrustSucceeded();`
`199`	`200`	`sawTrustSuccess = true;`
`200`	`201`	`}`
`201`	`202`	`catch (Exception ex)`