@@ -48,6 +48,8 @@ public sealed class CertificateManager : IDisposable
4848
4949 private readonly CancellationTokenSource clearCertificatesTokenSource ;
5050
51+ private readonly object rootCertCreationLock ;
52+
5153 private ICertificateMaker certEngine ;
5254
5355 private CertificateEngine engine ;
@@ -103,6 +105,8 @@ internal CertificateManager(string rootCertificateName, string rootCertificateIs
103105 clearCertificatesTokenSource = new CancellationTokenSource ( ) ;
104106
105107 certificateCache = new DefaultCertificateDiskCache ( ) ;
108+
109+ rootCertCreationLock = new object ( ) ;
106110 }
107111
108112 /// <summary>
@@ -515,63 +519,68 @@ internal void StopClearIdleCertificates()
515519 /// </returns>
516520 public bool CreateRootCertificate ( bool persistToFile = true )
517521 {
518- if ( persistToFile && RootCertificate == null )
519- {
520- RootCertificate = LoadRootCertificate ( ) ;
521- }
522-
523- if ( RootCertificate != null )
524- {
525- return true ;
526- }
527-
528- if ( ! OverwritePfxFile )
522+ lock ( rootCertCreationLock )
529523 {
530- try
524+ if ( persistToFile && RootCertificate == null )
531525 {
532- var rootCert = certificateCache . LoadRootCertificate ( PfxFilePath , PfxPassword , X509KeyStorageFlags . Exportable ) ;
533- if ( rootCert != null )
534- {
535- return false ;
536- }
526+ RootCertificate = LoadRootCertificate ( ) ;
537527 }
538- catch
528+
529+ if ( RootCertificate != null )
539530 {
540- // root cert cannot be loaded
531+ return true ;
541532 }
542- }
543-
544- try
545- {
546- RootCertificate = CreateCertificate ( RootCertificateName , true ) ;
547- }
548- catch ( Exception e )
549- {
550- ExceptionFunc ( e ) ;
551- }
552533
553- if ( persistToFile && RootCertificate != null )
554- {
555- try
534+ if ( ! OverwritePfxFile )
556535 {
557536 try
558537 {
559- certificateCache . Clear ( ) ;
538+ var rootCert = certificateCache . LoadRootCertificate ( PfxFilePath , PfxPassword ,
539+ X509KeyStorageFlags . Exportable ) ;
540+
541+ if ( rootCert != null )
542+ {
543+ return false ;
544+ }
560545 }
561546 catch
562547 {
563- // ignore
548+ // root cert cannot be loaded
564549 }
550+ }
565551
566- certificateCache . SaveRootCertificate ( PfxFilePath , PfxPassword , RootCertificate ) ;
552+ try
553+ {
554+ RootCertificate = CreateCertificate ( RootCertificateName , true ) ;
567555 }
568556 catch ( Exception e )
569557 {
570558 ExceptionFunc ( e ) ;
571559 }
572- }
573560
574- return RootCertificate != null ;
561+ if ( persistToFile && RootCertificate != null )
562+ {
563+ try
564+ {
565+ try
566+ {
567+ certificateCache . Clear ( ) ;
568+ }
569+ catch
570+ {
571+ // ignore
572+ }
573+
574+ certificateCache . SaveRootCertificate ( PfxFilePath , PfxPassword , RootCertificate ) ;
575+ }
576+ catch ( Exception e )
577+ {
578+ ExceptionFunc ( e ) ;
579+ }
580+ }
581+
582+ return RootCertificate != null ;
583+ }
575584 }
576585
577586 /// <summary>
@@ -600,7 +609,7 @@ public X509Certificate2 LoadRootCertificate()
600609 /// </param>
601610 /// <param name="password">Set a password for the .pfx file.</param>
602611 /// <param name="overwritePfXFile">
603- /// true : replace an existing .pfx file if password is incorect or if
612+ /// true : replace an existing .pfx file if password is incorrect or if
604613 /// RootCertificate==null.
605614 /// </param>
606615 /// <param name="storageFlag"></param>
0 commit comments