public async Task TestRequestAndInstallDnsCertificate() { var config = new AppSettingsAuthConfig(); var client = ArmHelper.GetWebSiteManagementClient(config); var kuduClient = KuduHelper.GetKuduClient(client, config); var body = new DnsAzureInstallModel() { AzureWebAppEnvironment = new AzureWebAppEnvironment(config.Tenant, config.SubscriptionId, config.ClientId, config.ClientSecret, config.ResourceGroupName, config.WebAppName), AcmeConfig = new AcmeConfig() { Host = "letsencrypt.ai4bots.com", PFXPassword = "******", RegistrationEmail = "*****@*****.**", RSAKeyLength = 2048 }, RelativeRecordSetName = "letsencrypt", ZoneName = "ai4bots.com", ResourceGroupName = "dns", SubscriptionId = new Guid("14fe4c66-c75a-4323-881b-ea53c1d86a9d"), CertificateSettings = new CertificateServiceSettings() }; var res = await kuduClient.HttpClient.PostAsync( "https://webappcfmv5fy7lcq7o.scm.azurewebsites.net/letsencrypt/api/certificates/challengeprovider/dns/azure/certificateinstall/azurewebapp?api-version=2017-09-01", new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, "application/json")); await ValidateResponse(body.AcmeConfig, res); }
public KuduFileSystemAuthorizationChallengeProvider(IAzureWebAppEnvironment azureEnvironment, IAuthorizationChallengeProviderConfig config) { this.config = config; var website = ArmHelper.GetWebSiteManagementClient(azureEnvironment); this.kuduClient = KuduHelper.GetKuduClient(website, azureEnvironment); }
public async Task TestRequestAndInstallCertificate() { var config = new AppSettingsAuthConfig(); var client = ArmHelper.GetWebSiteManagementClient(config); var kuduClient = KuduHelper.GetKuduClient(client, config); var body = new HttpKuduInstallModel() { AzureEnvironment = new AzureWebAppEnvironment(config.Tenant, config.SubscriptionId, config.ClientId, config.ClientSecret, config.ResourceGroupName, config.WebAppName), AcmeConfig = new AcmeConfig() { Host = "letsencrypt.sjkp.dk", PFXPassword = "******", RegistrationEmail = "*****@*****.**", RSAKeyLength = 2048 }, AuthorizationChallengeProviderConfig = new AuthorizationChallengeProviderConfig(), CertificateSettings = new CertificateServiceSettings() }; var res = await kuduClient.HttpClient.PostAsync( "https://webappcfmv5fy7lcq7o.scm.azurewebsites.net/letsencrypt/api/certificates/challengeprovider/http/kudu/certificateinstall/azurewebapp?api-version=2017-09-01", new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, "application/json")); await ValidateResponse(body.AcmeConfig, res); }
private async Task EnsureVirtualDirectorySetup() { if (virtualDirectorySetup) { Trace.TraceInformation("/.well-known already configured, skipping"); return; } using (var client = await ArmHelper.GetWebSiteManagementClient(this.azureEnvironment)) { var siteConfig = client.WebApps.GetSiteConfigurationOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName); if (!IsVirtualDirectorySetup(siteConfig)) { var app = siteConfig.VirtualApplications.First(); if (app.VirtualDirectories == null) { app.VirtualDirectories = new List <VirtualDirectory>(); } app.VirtualDirectories.Add(new VirtualDirectory() { PhysicalPath = wellKnownPhysicalPath, VirtualPath = "/.well-known", }); client.WebApps.UpdateSiteConfigurationOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName, siteConfig); } virtualDirectorySetup = true; } }
public override async Task PersistsChallenge(DnsChallenge dnsChallenge) { List <TxtRecord> records = new List <TxtRecord>() { new TxtRecord() { Value = new[] { dnsChallenge.RecordValue } } }; var dnsClient = await ArmHelper.GetDnsManagementClient(this.environment); if ((await dnsClient.RecordSets.ListByTypeAsync(environment.ResourceGroupName, environment.ZoneName, RecordType.TXT)).Any()) { var existingRecords = await SafeGetExistingRecords(dnsChallenge); if (existingRecords != null) { if (existingRecords.TxtRecords.Any(s => s.Value.Contains(dnsChallenge.RecordValue))) { records = existingRecords.TxtRecords.ToList(); } else { records.AddRange(existingRecords.TxtRecords); } } } await dnsClient.RecordSets.CreateOrUpdateAsync(this.environment.ResourceGroupName, this.environment.ZoneName, GetRelativeRecordSetName(dnsChallenge), RecordType.TXT, new RecordSet() { TxtRecords = records, TTL = 60 }); }
public ActionResult Hostname(string id) { var settings = new AppSettingsAuthConfig(); var model = new HostnameModel(); List <ValidationResult> validationResult = null; if (settings.IsValid(out validationResult)) { var client = ArmHelper.GetWebSiteManagementClient(settings); var site = client.Sites.GetSiteOrSlot(settings.ResourceGroupName, settings.WebAppName, settings.SiteSlotName); model.HostNames = site.HostNames; model.HostNameSslStates = site.HostNameSslStates; model.Certificates = client.Certificates.GetCertificates(settings.ServicePlanResourceGroupName).Value; model.InstalledCertificateThumbprint = id; if (model.HostNames.Count == 1) { model.ErrorMessage = "No custom host names registered. At least one custom domain name must be registed for the web site to request a letsencrypt certificate."; } } else { var errorMessage = string.Join(" ,", validationResult.Select(s => s.ErrorMessage)); model.ErrorMessage = $"Application settings was invalid, please wait a little and try to reload page if you just updated appsettings. Validation errors: {errorMessage}"; } return(View(model)); }
public async Task TestRequestDnsCertificate() { var config = new AppSettingsAuthConfig(); var client = await ArmHelper.GetWebSiteManagementClient(config); var kuduClient = KuduHelper.GetKuduClient(client, config); var body = new DnsAzureModel() { AzureDnsEnvironment = new AzureDnsEnvironment(config.Tenant, new Guid("14fe4c66-c75a-4323-881b-ea53c1d86a9d"), config.ClientId, config.ClientSecret, "dns", "ai4bots.com", "@"), AcmeConfig = new AcmeConfig() { Host = "ai4bots.com", PFXPassword = "******", RegistrationEmail = "*****@*****.**", RSAKeyLength = 2048 } }; var res = await kuduClient.HttpClient.PostAsync( "https://webappcfmv5fy7lcq7o.scm.azurewebsites.net/letsencrypt/api/certificates/challengeprovider/dns/azure?api-version=2017-09-01", new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, "application/json")); await ValidateResponse(body.AcmeConfig, res); }
internal static async Task <bool> DeployAciInstance(string templateFileName, string subscriptionId, string resourceGroupName, string aciName, string jobName) { try { if (await ShouldDeleteExistingInstance(templateFileName, subscriptionId, resourceGroupName, aciName)) { await DeleteAciInstance(subscriptionId, resourceGroupName, aciName); } var rgName = resourceGroupName; var deploymentName = jobName; var templateFileContents = File.ReadAllText(templateFileName); log.LogInformation($"Starting a deployment for ACI '{aciName}' for job: {deploymentName}"); bool success = await ArmHelper.SubmitDeployment(subscriptionId, rgName, templateFileContents, "{}", deploymentName); log.LogInformation($"Completed ACI deployment: {deploymentName}. Waiting for identity assignment completion...."); //Introduce a delay to see if that will help with what seems to be an issue with a timely managed identity assignment Thread.Sleep(10000); log.LogInformation("Completed ACI deployment"); return(success); } catch (Exception ex) { log.LogError($"Unable to deploy ACI instance: {ex.Message}"); return(false); } }
public static async Task <IReadOnlyList <string> > GetLetsEncryptHostNames(IAzureWebAppEnvironment webAppEnvironment, bool staging) { Site site; using (var client = await ArmHelper.GetWebSiteManagementClient(webAppEnvironment)) { Trace.TraceInformation( "Getting Web App '{0}' (slot '{1}') from resource group '{2}'", webAppEnvironment.WebAppName, webAppEnvironment.SiteSlotName, webAppEnvironment.ResourceGroupName); site = client.WebApps.GetSiteOrSlot(webAppEnvironment.ResourceGroupName, webAppEnvironment.WebAppName, webAppEnvironment.SiteSlotName); } using (var httpClient = await ArmHelper.GetHttpClient(webAppEnvironment)) { var certRequestUri = $"/subscriptions/{webAppEnvironment.SubscriptionId}/providers/Microsoft.Web/certificates?api-version=2016-03-01"; Trace.TraceInformation("GET {0}", certRequestUri); var response = await ArmHelper.ExponentialBackoff().ExecuteAsync(async() => await httpClient.GetAsync(certRequestUri)); Trace.TraceInformation("Reading ARM certificate query response"); var body = await response.EnsureSuccessStatusCode().Content.ReadAsStringAsync(); var letsEncryptCerts = ExtractCertificates(body).Where(s => s.Issuer.Contains(staging ? "Fake LE" : "Let's Encrypt")); var leCertThumbprints = new HashSet <string>(letsEncryptCerts.Select(c => c.Thumbprint)); return(site.HostNameSslStates.Where(ssl => leCertThumbprints.Contains(ssl.Thumbprint)).Select(ssl => ssl.Name).ToArray()); } }
public ActionResult Index(AuthenticationModel model) { if (ModelState.IsValid) { try { using (var client = ArmHelper.GetWebSiteManagementClient(model)) { //Update web config. var site = client.Sites.GetSite(model.ResourceGroupName, model.WebAppName); var webappsettings = client.Sites.ListSiteAppSettings(model.ResourceGroupName, model.WebAppName); if (model.UpdateAppSettings) { var newAppSettingsValues = new Dictionary <string, string> { { AppSettingsAuthConfig.clientIdKey, model.ClientId.ToString() }, { AppSettingsAuthConfig.clientSecretKey, model.ClientSecret.ToString() }, { AppSettingsAuthConfig.subscriptionIdKey, model.SubscriptionId.ToString() }, { AppSettingsAuthConfig.tenantKey, model.Tenant }, { AppSettingsAuthConfig.resourceGroupNameKey, model.ResourceGroupName }, { AppSettingsAuthConfig.servicePlanResourceGroupNameKey, model.ServicePlanResourceGroupName } }; foreach (var appsetting in newAppSettingsValues) { if (!webappsettings.Properties.ContainsKey(appsetting.Key)) { webappsettings.Properties.Add(appsetting.Key, appsetting.Value); } else { webappsettings.Properties[appsetting.Key] = appsetting.Value; } } client.Sites.UpdateSiteAppSettings(model.ResourceGroupName, model.WebAppName, webappsettings); } else { var appSetting = new AppSettingsAuthConfig(); if (!ValidateModelVsAppSettings("ClientId", model.ClientId.ToString(), appSetting.ClientId.ToString()) || !ValidateModelVsAppSettings("ClientSecret", appSetting.ClientSecret, model.ClientSecret) || !ValidateModelVsAppSettings("ResourceGroupName", appSetting.ResourceGroupName, model.ResourceGroupName) || !ValidateModelVsAppSettings("SubScriptionId", appSetting.SubscriptionId.ToString(), model.SubscriptionId.ToString()) || !ValidateModelVsAppSettings("Tenant", appSetting.Tenant, model.Tenant) || !ValidateModelVsAppSettings("ServicePlanResourceGroupName", appSetting.ServicePlanResourceGroupName, model.ServicePlanResourceGroupName)) { model.ErrorMessage = "One or more app settings are different from the values entered, do you want to update the app settings?"; return(View(model)); } } } return(RedirectToAction("Hostname")); } catch (Exception ex) { Trace.TraceError(ex.ToString()); model.ErrorMessage = ex.ToString(); } } return(View(model)); }
public void Install(ICertificateInstallModel model) { var cert = model.CertificateInfo; using (var webSiteClient = ArmHelper.GetWebSiteManagementClient(azureEnvironment)) { var s = webSiteClient.WebApps.GetSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName); Trace.TraceInformation(String.Format("Installing certificate {0} on azure with server farm id {1}", cert.Name, s.ServerFarmId)); var newCert = new Certificate() { PfxBlob = cert.PfxCertificate, Password = cert.Password, Location = s.Location, ServerFarmId = s.ServerFarmId, Name = model.Host + "-" + cert.Certificate.Thumbprint }; //BUG https://github.com/sjkp/letsencrypt-siteextension/issues/99 //using this will not install the certificate with the correct webSpace property set, //and the app service will be unable to find the certificate if the app service plan has been moved between resource groups. //webSiteClient.Certificates.CreateOrUpdate(azureEnvironment.ServicePlanResourceGroupName, cert.Certificate.Subject.Replace("CN=", ""), newCert); var client = ArmHelper.GetHttpClient(azureEnvironment); var body = JsonConvert.SerializeObject(newCert, JsonHelper.DefaultSerializationSettings); var t = client.PutAsync($"/subscriptions/{azureEnvironment.SubscriptionId}/resourceGroups/{azureEnvironment.ServicePlanResourceGroupName}/providers/Microsoft.Web/certificates/{newCert.Name}?api-version=2016-03-01", new StringContent(body, Encoding.UTF8, "application/json")).Result; t.EnsureSuccessStatusCode(); foreach (var dnsName in model.AllDnsIdentifiers) { var sslState = s.HostNameSslStates.FirstOrDefault(g => g.Name == dnsName); if (sslState == null) { sslState = new HostNameSslState() { Name = model.Host, SslState = settings.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled, }; s.HostNameSslStates.Add(sslState); } else { //First time setting the HostNameSslState it is set to disabled. sslState.SslState = settings.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled; } sslState.ToUpdate = true; sslState.Thumbprint = cert.Certificate.Thumbprint; } webSiteClient.WebApps.BeginCreateOrUpdateSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName, s); } }
public override async Task CleanupChallenge(DnsChallenge dnsChallenge) { var existingRecords = await SafeGetExistingRecords(dnsChallenge); var dnsClient = await ArmHelper.GetDnsManagementClient(this.environment); await dnsClient.RecordSets.DeleteAsync(this.environment.ResourceGroupName, this.environment.ZoneName, GetRelativeRecordSetName(dnsChallenge), RecordType.TXT); }
private static async Task <Aci.Arm.Deployment> GetAciInstanceData(string subscriptionId, string resourceGroupName, string aciName) { var resp = await ArmHelper.GetAciDeploymentDetails(subscriptionId, resourceGroupName, aciName); var aciResult = JsonSerializer.Deserialize <Aci.Arm.Deployment>(JsonSerializer.Serialize(resp)); return(aciResult); }
public async Task <bool> IsVirtualDirectorySetup() { using (var client = await ArmHelper.GetWebSiteManagementClient(this.azureEnvironment)) { var siteConfig = client.WebApps.GetSiteConfigurationOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName); return(IsVirtualDirectorySetup(siteConfig)); } }
public async Task RetryTest() { var client = HttpClientFactory.Create(new HttpClientHandler(), new TimeoutHandler()); var retry = ArmHelper.ExponentialBackoff(); var resp = await retry.ExecuteAsync(async() => { return(await client.PostAsJsonAsync("https://en8zkq5hogjyi.x.pipedream.net", new { text = "hello" })); }); }
/// <summary> /// Used for automatic installation of letsencrypt certificate /// </summary> public void AddCertificate() { Trace.TraceInformation("Staring add certificate"); using (var client = ArmHelper.GetWebSiteManagementClient(settings)) { Trace.TraceInformation($"Add certificate for acmeConfig hostname {string.Join(", ", acmeConfig.Hostnames)}"); if (acmeConfig.Hostnames.Any()) { RequestAndInstallInternal(this.acmeConfig); } } }
public async Task <List <AcmeConfig> > RenewCertificate(bool skipInstallCertificate = false, int renewXNumberOfDaysBeforeExpiration = 0) { Trace.TraceInformation("Checking certificate"); var ss = SettingsStore.Instance.Load(); using (var client = ArmHelper.GetWebSiteManagementClient(settings)) using (var httpClient = ArmHelper.GetHttpClient(settings)) { //Cant just get certificates by resource group, because sites that have been moved, have their certs sitting in the old RG. //Also cant use client.Certificates.List() due to bug in the nuget var response = await httpClient.GetAsync($"/subscriptions/{settings.SubscriptionId}/providers/Microsoft.Web/certificates?api-version=2016-03-01"); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsStringAsync(); IEnumerable <Certificate> certs = JsonConvert.DeserializeObject <Certificate[]>(body, JsonHelper.DefaultSerializationSettings); var expiringCerts = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(renewXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE"))); if (expiringCerts.Count() == 0) { Trace.TraceInformation(string.Format("No certificates installed issued by Let's Encrypt that are about to expire within the next {0} days. Skipping.", renewXNumberOfDaysBeforeExpiration)); } var res = new List <AcmeConfig>(); foreach (var toExpireCert in expiringCerts) { Trace.TraceInformation("Starting renew of certificate " + toExpireCert.Name + " expiration date " + toExpireCert.ExpirationDate); var site = client.WebApps.Get(settings.ResourceGroupName, settings.WebAppName); var sslStates = site.HostNameSslStates.Where(s => s.Thumbprint == toExpireCert.Thumbprint); if (!sslStates.Any()) { Trace.TraceInformation(String.Format("Certificate {0} was not assigned any hostname, skipping update", toExpireCert.Thumbprint)); continue; } var target = new AcmeConfig() { RegistrationEmail = this.acmeConfig.RegistrationEmail ?? ss.FirstOrDefault(s => s.Name == "email").Value, Host = sslStates.First().Name, BaseUri = this.acmeConfig.BaseUri ?? ss.FirstOrDefault(s => s.Name == "baseUri").Value, AlternateNames = sslStates.Skip(1).Select(s => s.Name).ToList(), PFXPassword = this.acmeConfig.PFXPassword, RSAKeyLength = this.acmeConfig.RSAKeyLength }; if (!skipInstallCertificate) { await RequestAndInstallInternalAsync(target); } res.Add(target); } return(res); } }
public List <string> RemoveExpired(int removeXNumberOfDaysBeforeExpiration = 0) { using (var webSiteClient = ArmHelper.GetWebSiteManagementClient(azureEnvironment)) { var certs = webSiteClient.Certificates.ListByResourceGroup(azureEnvironment.ServicePlanResourceGroupName); var tobeRemoved = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(removeXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE"))).ToList(); tobeRemoved.ForEach(s => RemoveCertificate(webSiteClient, s)); return(tobeRemoved.Select(s => s.Thumbprint).ToList()); } }
internal static async Task <bool> DeleteContainerApp(CommandLineArgs cmdLine) { if (await ArmHelper.DeleteResource(cmdLine.ContainerAppArgs.SubscriptionId, cmdLine.ContainerAppArgs.ResourceGroup, $"sbm{cmdLine.JobName}")) { log.LogInformation($"Successfully deleted ContainerApp: sbm{cmdLine.JobName}"); return(true); } else { log.LogError($"Unable to delete ContainerApp: sbm{cmdLine.JobName}"); return(false); } }
private void SetViewBagHostnames() { var settings = new AppSettingsAuthConfig(); var client = ArmHelper.GetWebSiteManagementClient(settings); var site = client.Sites.GetSiteOrSlot(settings.ResourceGroupName, settings.WebAppName, settings.SiteSlotName); var model = new HostnameModel(); ViewBag.HostNames = site.HostNames.Where(s => !s.EndsWith(settings.AzureWebSitesDefaultDomainName)).Select(s => new SelectListItem() { Text = s, Value = s }); }
public IEnumerable <Target> RenewCertificate(bool debug = false) { Trace.TraceInformation("Checking certificate"); var settings = new AppSettingsAuthConfig(); var ss = SettingsStore.Instance.Load(); using (var client = ArmHelper.GetWebSiteManagementClient(settings)) { var certs = client.Certificates.GetCertificates(settings.ServicePlanResourceGroupName).Value; var expiringCerts = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(settings.RenewXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE"))); if (expiringCerts.Count() == 0) { Trace.TraceInformation(string.Format("No certificates installed issued by Let's Encrypt that are about to expire within the next {0} days. Skipping.", settings.RenewXNumberOfDaysBeforeExpiration)); } foreach (var toExpireCert in expiringCerts) { Trace.TraceInformation("Starting renew of certificate " + toExpireCert.Name + " expiration date " + toExpireCert.ExpirationDate); var site = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName); var sslStates = site.HostNameSslStates.Where(s => s.Thumbprint == toExpireCert.Thumbprint); if (!sslStates.Any()) { Trace.TraceInformation(String.Format("Certificate {0} was not assigned any hostname, skipping update", toExpireCert.Thumbprint)); continue; } var target = new Target() { WebAppName = settings.WebAppName, Tenant = settings.Tenant, SubscriptionId = settings.SubscriptionId, ClientId = settings.ClientId, ClientSecret = settings.ClientSecret, ResourceGroupName = settings.ResourceGroupName, Email = settings.Email ?? ss.FirstOrDefault(s => s.Name == "email").Value, Host = sslStates.First().Name, BaseUri = settings.BaseUri ?? ss.FirstOrDefault(s => s.Name == "baseUri").Value, ServicePlanResourceGroupName = settings.ServicePlanResourceGroupName, AlternativeNames = sslStates.Skip(1).Select(s => s.Name).ToList(), UseIPBasedSSL = settings.UseIPBasedSSL, SiteSlotName = settings.SiteSlotName }; if (!debug) { RequestAndInstallInternal(target); } yield return(target); } } }
public async Task <List <string> > RemoveExpired(int removeXNumberOfDaysBeforeExpiration = 0) { using (var webSiteClient = await ArmHelper.GetWebSiteManagementClient(azureEnvironment)) { var certs = webSiteClient.Certificates.ListByResourceGroup(azureEnvironment.ServicePlanResourceGroupName); var site = webSiteClient.WebApps.GetSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName); var tobeRemoved = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(removeXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE")) && !site.HostNameSslStates.Any(hostNameBindings => hostNameBindings.Thumbprint == s.Thumbprint)).ToList(); foreach (var cert in tobeRemoved) { await RemoveCertificate(webSiteClient, cert); } return(tobeRemoved.Select(s => s.Thumbprint).ToList()); } }
public async Task TestRenewCertificate() { var config = new AppSettingsAuthConfig(); var client = ArmHelper.GetWebSiteManagementClient(config); var kuduClient = KuduHelper.GetKuduClient(client, config); var res = await kuduClient.HttpClient.PostAsync("https://webappcfmv5fy7lcq7o-vnext.scm.azurewebsites.net/letsencrypt/api/certificates/renew?api-version=2017-09-01", new StringContent("")); Assert.AreEqual(System.Net.HttpStatusCode.OK, res.StatusCode); var model = JsonConvert.DeserializeObject <CertificateInstallModel[]>(await res.Content.ReadAsStringAsync()); Assert.AreEqual(1, model.Count()); File.WriteAllBytes(Path.GetFileName(model.First().CertificateInfo.Name), model.First().CertificateInfo.PfxCertificate); }
internal static async Task <bool> DeleteAciInstance(string subscriptionId, string resourceGroupName, string aciName) { try { log.LogInformation("Removing any pre-existing ACI deployment"); var success = await ArmHelper.DeleteResource(subscriptionId, resourceGroupName, aciName); log.LogInformation("Pre-existing ACI deployment removed"); return(success); } catch (Exception exe) { log.LogError($"Unable to remove existing ACI instance: {exe.Message}"); return(false); } }
private async Task <RecordSet> SafeGetExistingRecords(DnsChallenge dnsChallenge) { try { var dnsClient = await ArmHelper.GetDnsManagementClient(this.environment); return(await dnsClient.RecordSets.GetAsync(environment.ResourceGroupName, environment.ZoneName, GetRelativeRecordSetName(dnsChallenge), RecordType.TXT)); } catch (CloudException cex) { if (!cex.Message.StartsWith("The resource record '_acme-challenge")) { throw; } } return(null); }
/// <summary> /// Used for automatic installation of hostnames bindings and certificate /// upon first installation on the site extension and if hostnames are specified in app settings /// </summary> public void SetupHostnameAndCertificate() { Trace.TraceInformation("Setup hostname and certificates"); var settings = new AppSettingsAuthConfig(); using (var client = ArmHelper.GetWebSiteManagementClient(settings)) { var s = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName); foreach (var hostname in settings.Hostnames) { if (s.HostNames.Any(existingHostname => string.Equals(existingHostname, hostname, StringComparison.InvariantCultureIgnoreCase))) { Trace.TraceInformation("Hostname already configured skipping installation"); continue; } Trace.TraceInformation("Setting up hostname and lets encrypt certificate for " + hostname); client.Sites.CreateOrUpdateSiteOrSlotHostNameBinding(settings.ResourceGroupName, settings.WebAppName, settings.SiteSlotName, hostname, new HostNameBinding() { CustomHostNameDnsRecordType = CustomHostNameDnsRecordType.CName, HostNameType = HostNameType.Verified, SiteName = settings.WebAppName, Location = s.Location }); } if (settings.Hostnames.Any()) { RequestAndInstallInternal(new Target() { BaseUri = settings.BaseUri, ClientId = settings.ClientId, ClientSecret = settings.ClientSecret, Email = settings.Email, Host = settings.Hostnames.First(), ResourceGroupName = settings.ResourceGroupName, SubscriptionId = settings.SubscriptionId, Tenant = settings.Tenant, WebAppName = settings.WebAppName, ServicePlanResourceGroupName = settings.ServicePlanResourceGroupName, AlternativeNames = settings.Hostnames.Skip(1).ToList(), SiteSlotName = settings.SiteSlotName, UseIPBasedSSL = settings.UseIPBasedSSL }); } } }
public ActionResult Hostname(string id) { var settings = new AppSettingsAuthConfig(); var client = ArmHelper.GetWebSiteManagementClient(settings); var site = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName); var model = new HostnameModel(); model.HostNames = site.HostNames; model.HostNameSslStates = site.HostNameSslStates; model.Certificates = client.Certificates.GetCertificates(settings.ServicePlanResourceGroupName).Value; model.InstalledCertificateThumbprint = id; if (model.HostNames.Count == 1) { model.ErrorMessage = "No custom host names registered. At least one custom domain name must be registed for the web site to request a letsencrypt certificate."; } return(View(model)); }
public async Task <ActionResult> AddHostname() { var settings = new AppSettingsAuthConfig(); using (var client = await ArmHelper.GetWebSiteManagementClient(settings)) { var s = client.WebApps.GetSiteOrSlot(settings.ResourceGroupName, settings.WebAppName, settings.SiteSlotName); foreach (var hostname in settings.Hostnames) { client.WebApps.CreateOrUpdateSiteOrSlotHostNameBinding(settings.ResourceGroupName, settings.WebAppName, settings.SiteSlotName, hostname, new HostNameBinding { CustomHostNameDnsRecordType = CustomHostNameDnsRecordType.CName, HostNameType = HostNameType.Verified, SiteName = settings.WebAppName, }); } } return(View()); }
public ActionResult AddHostname() { var settings = new AppSettingsAuthConfig(); using (var client = ArmHelper.GetWebSiteManagementClient(settings)) { var s = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName); foreach (var hostname in settings.Hostnames) { client.Sites.CreateOrUpdateSiteHostNameBinding(settings.ResourceGroupName, settings.WebAppName, hostname, new Microsoft.Azure.Management.WebSites.Models.HostNameBinding() { CustomHostNameDnsRecordType = Microsoft.Azure.Management.WebSites.Models.CustomHostNameDnsRecordType.CName, HostNameType = Microsoft.Azure.Management.WebSites.Models.HostNameType.Verified, SiteName = settings.WebAppName, Location = s.Location }); } } return(View()); }
public async Task GetPublishingCredentials() { var model = new AppSettingsAuthConfig(); var helper = ArmHelper.GetWebSiteManagementClient(model); var kuduClient = KuduHelper.GetKuduClient(helper, model); //var res = await kuduClient.GetScmInfo(); var dir = await kuduClient.GetFile("site/wwwroot/host.json"); using (var ms = new MemoryStream()) { var sw = new StreamWriter(ms); sw.WriteLine("Hell asd asd asd "); sw.Flush(); await kuduClient.PutFile("site/wwwroot/.well-known/acme-challenge2/test.json", ms); } }