Feat/load webapi without config

[ndorin]

This pull request introduces several improvements and fixes across certificate handling, configuration validation, and logging in the Essentials codebase. The most significant changes are the overhaul of certificate loading for better compatibility on specific runtimes, enhanced validation and error handling for configuration loading, and improved logging for easier diagnostics and developer experience.

Certificate handling improvements:

• Replaced the .NET/Mono PFX parser with a custom method (LoadCertFromBouncyCastle) to load PKCS#12 certificates generated by BouncyCastle, ensuring compatibility on Crestron runtimes. The new method directly reads the certificate and attaches the private key, and securely clears password arrays from memory after use.
• Added missing Org.BouncyCastle.Crypto.Parameters and System.Security.Cryptography imports to support new certificate handling logic.
• Improved security by clearing password character arrays after use in certificate creation and loading. [1] [2]

Configuration validation and error handling:

• Enhanced config loading and device/tie line/room initialization to check for null configuration objects, preventing null reference exceptions and providing clear warning messages if the config file is missing or invalid. [1] [2] [3] [4] [5]
• Changed error log level to Warning when config loading fails, and improved messaging to guide users. [1] [2]

Logging and diagnostics enhancements:

• Added clear log messages to indicate when the Web API is initialized and to advertise the Developer Tools Web App URL, improving developer awareness and experience.
• Minor whitespace and formatting tweaks for code clarity.

Other changes:

• Commented out the firmware version check in ControlSystem.InitializeSystem, possibly to allow running on a wider range of firmware versions or for development purposes. [1] [2]

These changes collectively improve the reliability, security, and usability of the system, especially in environments with strict runtime constraints or where configuration errors are common.

[Copilot]

Pull request overview

This PR updates Essentials startup and diagnostic behavior to better support running the Web API and developer tooling even when a valid configuration file is not present, and improves certificate loading compatibility for Crestron runtimes.

Changes:

• Allow ControlSystem.GoWithLoad() to proceed when config load fails / config is null, with additional null-guards in device/room/tieline loading paths.
• Add startup/diagnostic log output for Web API readiness and the Developer Tools web app URL.
• Replace PFX loading for the debug websocket sink with a BouncyCastle-based PKCS#12 reader and clear password char arrays after use.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.

File	Description
src/PepperDash.Essentials/ControlSystem.cs	Enables config-less startup by not aborting on config load failure and adds null checks around config-driven initialization.
src/PepperDash.Essentials.Core/Web/EssentialsWebApi.cs	Adds additional log output after route enumeration, including a Developer Tools URL.
src/PepperDash.Core/Logging/DebugWebsocketSink.cs	Switches certificate loading to a BouncyCastle PKCS#12 path and clears password buffers after use.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.