fix validation

Microsoft.Azure.Cosmos/src/CosmosClientOptions.cs

@@ -731,6 +731,11 @@ internal Protocol ConnectionProtocol
         /// Flag that controls whether CPU monitoring thread is created to enrich timeout exceptions with additional diagnostic. Default value is true.
         /// </summary>
         internal bool? EnableCpuMonitor { get; set; }
+
+        /// <summary>
+        /// Flag indicates the value of DisableServerCertificateValidation flag set at connection string level.Default it is false.
+        /// </summary>
+        internal bool DisableServerCertificateValidation { get; set; }
 
         /// <summary>
         /// Gets or sets Client Telemetry Options like feature flags and corresponding options
@@ -758,7 +763,7 @@ internal virtual ConnectionPolicy GetConnectionPolicy(int clientId)
             this.ValidateDirectTCPSettings();
             this.ValidateLimitToEndpointSettings();
             this.ValidatePartitionLevelFailoverSettings();
-            this.ValidateServerCallbackSettings();
+            this.ValidateAndSetServerCallbackSettings();
 
             ConnectionPolicy connectionPolicy = new ConnectionPolicy()
             {
@@ -867,7 +872,7 @@ internal static CosmosClientOptions GetCosmosClientOptionsWithCertificateFlag(st
             clientOptions ??= new CosmosClientOptions();
             if (CosmosClientOptions.IsConnectionStringDisableServerCertificateValidationFlag(connectionString))
             {
-                clientOptions.ServerCertificateCustomValidationCallback = (_, _, _) => true;
+                clientOptions.DisableServerCertificateValidation = true;
             }
 
             return clientOptions;
@@ -932,11 +937,16 @@ private void ValidatePartitionLevelFailoverSettings()
             }
         }
 
-        private void ValidateServerCallbackSettings()
+        private void ValidateAndSetServerCallbackSettings()
         {
-            if (this.HttpClientFactory != null && this.ServerCertificateCustomValidationCallback != null)
+            if (this.DisableServerCertificateValidation && this.ServerCertificateCustomValidationCallback != null)
             {
-                throw new ArgumentException($"Cannot specify {nameof(this.HttpClientFactory)} and {nameof(this.ServerCertificateCustomValidationCallback)}. Only one can be set.");
+                throw new ArgumentException($"Cannot specify {nameof(this.DisableServerCertificateValidation)} flag in Connection String and {nameof(this.ServerCertificateCustomValidationCallback)}. Only one can be set.");
+            }
+
+            if (this.DisableServerCertificateValidation)
+            {
+                this.ServerCertificateCustomValidationCallback = (_, _, _) => true;
             }
         }
 

Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.Tests/CosmosClientOptionsUnitTests.cs

@@ -892,6 +892,7 @@ public void InvalidApplicationNameCatchTest()
         [TestMethod]
         [DataRow(ConnectionString, false)]
         [DataRow(ConnectionString + "DisableServerCertificateValidation=true;", true)]
+        [DataRow(ConnectionString + "DisableServerCertificateValidation=false;", false)]
         public void TestServerCertificatesValidationCallback(string connStr, bool expectedIgnoreCertificateFlag)
         {
             //Arrange
@@ -917,11 +918,11 @@ public void TestServerCertificatesValidationCallback(string connStr, bool expect
         [TestMethod]
         [DataRow(ConnectionString + "DisableServerCertificateValidation=true;")]
         [ExpectedException(typeof(ArgumentException))]
-        public void TestServerCertificatesValidationWithHttpFactoryCallback(string connStr)
+        public void TestServerCertificatesValidationWithDisableSSLFlagTrue(string connStr)
         {
             CosmosClientOptions options = new CosmosClientOptions
             {
-                HttpClientFactory = () => new HttpClient()
+               ServerCertificateCustomValidationCallback = (certificate, chain, sslPolicyErrors) => true
             };
             CosmosClient cosmosClient = new CosmosClient(connStr, options);
         }