diff --git a/src/DataProtection/DataProtection/src/Repositories/DefaultKeyStorageDirectories.cs b/src/DataProtection/DataProtection/src/Repositories/DefaultKeyStorageDirectories.cs
index 4e2f901bea31a5b2bdb8c1952f997b62b252b7e6..d68854df3a6048cd8c01cf74b7099c4b1ad431d9 100644
--- a/src/DataProtection/DataProtection/src/Repositories/DefaultKeyStorageDirectories.cs
+++ b/src/DataProtection/DataProtection/src/Repositories/DefaultKeyStorageDirectories.cs
@@ -36,8 +36,7 @@ internal sealed class DefaultKeyStorageDirectories : IDefaultKeyStorageDirectori
 // Environment.GetFolderPath returns null if the user profile isn't loaded.
 var localAppDataFromSystemPath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData);
 var localAppDataFromEnvPath = Environment.GetEnvironmentVariable("LOCALAPPDATA");
- var userProfilePath = Environment.GetEnvironmentVariable("USERPROFILE");
- var homePath = Environment.GetEnvironmentVariable("HOME");
+ var homePath = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);
 if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows) && !string.IsNullOrEmpty(localAppDataFromSystemPath))
 {
@@ -49,15 +48,17 @@ internal sealed class DefaultKeyStorageDirectories : IDefaultKeyStorageDirectori
 {
 retVal = GetKeyStorageDirectoryFromBaseAppDataPath(localAppDataFromEnvPath);
 }
- else if (userProfilePath != null)
- {
- retVal = GetKeyStorageDirectoryFromBaseAppDataPath(Path.Combine(userProfilePath, "AppData", "Local"));
- }
 else if (homePath != null)
 {
- // If LOCALAPPDATA and USERPROFILE are not present but HOME is,
- // it's a good guess that this is a *NIX machine. Use *NIX conventions for a folder name.
- retVal = new DirectoryInfo(Path.Combine(homePath, ".aspnet", DataProtectionKeysFolderName));
+ if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
+ {
+ retVal = GetKeyStorageDirectoryFromBaseAppDataPath(Path.Combine(homePath, "AppData", "Local"));
+ }
+ else
+ {
+ // Use*NIX conventions for a folder name.
+ retVal = new DirectoryInfo(Path.Combine(homePath, ".aspnet", DataProtectionKeysFolderName));
+ }
 }
 else if (!string.IsNullOrEmpty(localAppDataFromSystemPath))
 {
@@ -92,7 +93,7 @@ internal sealed class DefaultKeyStorageDirectories : IDefaultKeyStorageDirectori
 if (!String.IsNullOrEmpty(Environment.GetEnvironmentVariable("WEBSITE_INSTANCE_ID")))
 {
 var homeEnvVar = Environment.GetEnvironmentVariable("HOME");
- if (!String.IsNullOrEmpty(homeEnvVar))
+ if (!string.IsNullOrEmpty(homeEnvVar))
 {
 return GetKeyStorageDirectoryFromBaseAppDataPath(homeEnvVar);
 }
diff --git a/src/Servers/Kestrel/Core/src/KestrelConfigurationLoader.cs b/src/Servers/Kestrel/Core/src/KestrelConfigurationLoader.cs
index 8119db9df46fb6a17138bcefcc44943c8ae55ff1..6a86097932cf516da9ea5216f6f7dbafc2ae9bd1 100644
--- a/src/Servers/Kestrel/Core/src/KestrelConfigurationLoader.cs
+++ b/src/Servers/Kestrel/Core/src/KestrelConfigurationLoader.cs
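Review bot: The `else if (homePath != null)` guard in the `-49,15 +48,17` hunk no longer filters anything, because `homePath` now comes from `Environment.GetFolderPath(Environment.SpecialFolder.UserProfile)`, which is documented to return an empty string rather than null when the folder cannot be resolved. With an empty value, `Path.Combine(homePath, ".aspnet", DataProtectionKeysFolderName)` is a relative path, so the key directory would be resolved against the process working directory, and the `else if (!string.IsNullOrEmpty(localAppDataFromSystemPath))` branch below it becomes unreachable; the guard should be `else if (!string.IsNullOrEmpty(homePath))`. The same null-only test appears as `home != null` in the KestrelConfigurationLoader hunk, and the MacOSCertificateManager hunks build the keychain and sentinel paths from the value with no check at all. The enclosing method starts and ends outside these hunks, so whether a later fallback covers the empty case is not visible here.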
@@ -493,10 +493,9 @@ public class KestrelConfigurationLoader
 private bool TryGetCertificatePath([NotNullWhen(true)] out string? path)
 {
- // This will go away when we implement
- // https://github.com/aspnet/Hosting/issues/1294
+ // See https://github.com/aspnet/Hosting/issues/1294
 var appData = Environment.GetEnvironmentVariable("APPDATA");
- var home = Environment.GetEnvironmentVariable("HOME");
+ var home = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);
 var basePath = appData != null ? Path.Combine(appData, "ASP.NET", "https") : null;
 basePath = basePath ?? (home != null ? Path.Combine(home, ".aspnet", "https") : null);
 path = basePath != null ? Path.Combine(basePath, $"{HostEnvironment.ApplicationName}.pfx") : null;
diff --git a/src/Shared/CertificateGeneration/MacOSCertificateManager.cs b/src/Shared/CertificateGeneration/MacOSCertificateManager.cs
index 45b40ae341a11c071e8c6c6e7e58289ed776dc23..28c971680b778d0f3b7ba2e880c717e666f76724 100644
--- a/src/Shared/CertificateGeneration/MacOSCertificateManager.cs
+++ b/src/Shared/CertificateGeneration/MacOSCertificateManager.cs
@@ -16,7 +16,7 @@ namespace Microsoft.AspNetCore.Certificates.Generation;
 internal sealed class MacOSCertificateManager : CertificateManager
 {
 private const string CertificateSubjectRegex = "CN=(.*[^,]+).*";
- private static readonly string MacOSUserKeyChain = Environment.GetEnvironmentVariable("HOME") + "/Library/Keychains/login.keychain-db";
+ private static readonly string MacOSUserKeyChain = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile) + "/Library/Keychains/login.keychain-db";
 private const string MacOSSystemKeyChain = "/Library/Keychains/System.keychain";
 private const string MacOSFindCertificateCommandLine = "security";
 private const string MacOSFindCertificateCommandLineArgumentsFormat = "find-certificate -c {0} -a -Z -p " + MacOSSystemKeyChain;
@@ -91,7 +91,7 @@ internal sealed class MacOSCertificateManager : CertificateManager
 internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate, bool interactive)
 {
- var sentinelPath = Path.Combine(Environment.GetEnvironmentVariable("HOME")!, ".dotnet", $"certificates.{candidate.GetCertHashString(HashAlgorithmName.SHA256)}.sentinel");
+ var sentinelPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), ".dotnet", $"certificates.{candidate.GetCertHashString(HashAlgorithmName.SHA256)}.sentinel");
 if (!interactive && !File.Exists(sentinelPath))
 {
 return new CheckCertificateStateResult(false, KeyNotAccessibleWithoutUserInteraction);