I have method for Kestrel configuration before starting asp.net core minimal API like this:
var clientCertificateThumbprint = "XYZ";var clientCertificateMode = ClientCertificateMode.RequireCertificate;var listeningPort = 11101;var tlsProtocol = SslProtocols.Tls12;var cert = CertificationService.GetCert();_builder.ConfigureKestrel(options =>{ options.ListenAnyIP(listeningPort, listenOptions => { listenOptions.UseHttps(cert, (httpsOptions) => { httpsOptions.SslProtocols = tlsProtocol; httpsOptions.ClientCertificateMode = clientCertificateMode; httpsOptions.ClientCertificateValidation = (certificate, chain, sslPolicyErrors) => ValidateClientCertificate(certificate, clientCertificateThumbprint); }); });});private bool ValidateClientCertificate(X509Certificate2? certificate, string thumbprint){ return certificate is null || DateTime.Now > certificate.NotAfter ? false : certificate.Thumbprint.Equals(thumbprint, StringComparison.OrdinalIgnoreCase);}But if I call the same method after application started, it fails with:
System.InvalidOperationException: 'The service collection cannot be modified because it is read-only.'
Is there any way how to achieve this?
I cannot use autoreaload from appsettings file, because all this configuration parameters comes from database. But if Kestrel can apply changes from appsettings file, there sholud be exist a way how to do it manually at runtime.