* Update to .NET 10.0 for Bitwarden server 2026.5.0 compatibility
Bitwarden server 2026.5.0 ships with .NET 10.0 runtime only, breaking
the fast-patch build. This commit updates all .NET projects and build
pipelines to target net10.0 and the dotnet/sdk:10.0 image.
Additionally:
- Replace obsolete X509Certificate2(byte[]) constructors with
X509CertificateLoader.LoadCertificate() / LoadPkcs12FromFile()
to resolve SYSLIB0057 warnings introduced in .NET 9/10
- Add -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 to
generate-keys.sh PKCS#12 export, fixing OpenSSL 3.x errors caused
by the deprecated RC2-40-CBC legacy algorithm
- Update FixRuntimeConfig fallback framework version to 10.0.0
Fixes#281
Signed-off-by: Pascal Pothmann <19438422+p0thi@users.noreply.github.com>
* Fix certificate validation by replacing all thumbprint occurrences
Bitwarden's LicensingService performs two validation checks:
1. Validates _creationCertificate thumbprint
2. Validates all certificates in _verificationCertificates
The thumbprint constants are inlined at compile time, creating multiple
Ldstr instructions in the IL code. The patcher was only replacing the
first occurrence, causing the second validation to fail with:
'Invalid license verifying certificate.'
This fix replaces ALL occurrences of the old thumbprint to ensure both
validation checks pass.
Fixes runtime error: 'Invalid license verifying certificate'
---------
Signed-off-by: Pascal Pothmann <19438422+p0thi@users.noreply.github.com>
Co-authored-by: Pascal Pothmann <19438422+p0thi@users.noreply.github.com>
* Use absolute path rather than relative path in scripts
* Remove src/bitBetter/.keys/cert.cert
* Build licenseGen in Docker
This way we don't have to install dotnet sdk on the host
* Build bitBetter in Docker
This way we don't have to install dotnet sdk on the host
* Change DIR in run.sh to point to the project root
* Replace echo in Dockerfiles by set -x and set -e
* Use same Dockerfile for api and identity images
* Update README.md
* Update CircleCI config
The Docker Executor can't mount volume.
https://support.circleci.com/hc/en-us/articles/360007324514https://circleci.com/docs/2.0/executor-types/#using-machine
* Make scripts work with sh
* Remove the container used to build bitBetter
* Added a Key Generating script
To make the keygen process a bit easier I've added a `generate-keys.sh` script that can be found in the `.keys` directory. It will generate the key & cert and bundle them into the required pkcs#12 file automatically when running the build script if none already exist.
* Generate bitbetter/identiry container with modified Core.dll
Added the generation of a second modified container, bitbetter/identity, which contains the modified dll. Fixes#12.
This works on my testing environment but has not gone through extensive testing. I'd recommend a review and cleanup of this commit before it is merged into the develop or master branches.
