/// <summary>
/// Smoke test: builds a <c>WebAppCertificateService</c> from an
/// <c>AppSettingsAuthConfig</c> with default service settings and calls
/// <c>RemoveExpired(180)</c>.
/// </summary>
/// <remarks>
/// The test makes no assertions; it only fails if one of the calls throws.
/// </remarks>
public void TestRemove()
{
    // NOTE(review): the credentials and target web app are whatever AppSettingsAuthConfig
    // resolves at run time (presumably from app settings; confirm). Removal is destructive,
    // so make sure this only ever points at a disposable test environment.
    var authConfig = new AppSettingsAuthConfig();
    var certificateService = new WebAppCertificateService(authConfig, new CertificateServiceSettings());

    // NOTE(review): 180 is presumably a day threshold; confirm against RemoveExpired's signature.
    certificateService.RemoveExpired(180);
}
/// <summary>
/// Smoke test: loads a PFX file from the working directory and passes it to
/// <c>WebAppCertificateService.Install</c> for the host <c>letsencrypt.sjkp.dk</c>.
/// </summary>
/// <remarks>
/// The test makes no assertions; it only fails if loading the PFX or the install call throws.
/// </remarks>
public void TestInstall()
{
    const string hostName = "letsencrypt.sjkp.dk";
    const string pfxFileName = "letsencrypt.sjkp.dk-all.pfx";

    var authConfig = new AppSettingsAuthConfig();
    var certificateService = new WebAppCertificateService(authConfig, new CertificateServiceSettings());
    byte[] pfxBytes = File.ReadAllBytes(pfxFileName);

    // NOTE(review): the PFX password is hard-coded in source. A PFX holds the private key,
    // so the password (and the .pfx itself) should come from a secret store or test
    // configuration, and anything already committed should be treated as exposed.
    var certificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(pfxBytes, "Simon123");

    var certificateInfo = new CertificateInfo
    {
        Certificate = certificate,
        Name = pfxFileName,
        // NOTE(review): this differs from the password used to open the PFX above; it may
        // have been masked when the listing was published. Confirm which value Install needs.
        Password = "******",
        PfxCertificate = pfxBytes
    };

    var installModel = new CertificateInstallModel
    {
        AllDnsIdentifiers = new List<string> { hostName },
        Host = hostName,
        CertificateInfo = certificateInfo
    };

    certificateService.Install(installModel);
}
/// <summary>
/// Async smoke test: prints the assembly-qualified name of the ADAL <c>AdalOption</c> type,
/// then loads a PFX file from the working directory and awaits
/// <c>WebAppCertificateService.Install</c> for the host <c>letsencrypt.sjkp.dk</c>.
/// </summary>
/// <remarks>
/// The test makes no assertions; it only fails if loading the PFX or the awaited install throws.
/// </remarks>
public async Task TestInstall()
{
    const string pfxFileName = "letsencrypt.sjkp.dk-all.pfx";
    const string hostName = "letsencrypt.sjkp.dk";

    // Shows which ADAL assembly (name and version) the test actually resolved.
    var adalTypeName = typeof(Microsoft.IdentityModel.Clients.ActiveDirectory.AdalOption).AssemblyQualifiedName;
    Console.WriteLine(adalTypeName);

    var authConfig = new AppSettingsAuthConfig();
    var certificateService = new WebAppCertificateService(authConfig, new CertificateServiceSettings());
    byte[] pfxBytes = File.ReadAllBytes(pfxFileName);

    // NOTE(review): hard-coded PFX password. The PFX contains the private key, so keep the
    // password and the file out of source control and load them from test configuration.
    var certificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(pfxBytes, "Simon123");

    var installModel = new CertificateInstallModel
    {
        AllDnsIdentifiers = new List<string> { hostName },
        Host = hostName,
        CertificateInfo = new CertificateInfo
        {
            Certificate = certificate,
            Name = pfxFileName,
            // NOTE(review): not the same value that opened the PFX above; possibly masked
            // when the listing was published. Confirm which password Install expects.
            Password = "******",
            PfxCertificate = pfxBytes
        }
    };

    await certificateService.Install(installModel);
}
/// <summary>
/// Issues or renews the SSL certificate described by <paramref name="renewalParams"/> and
/// binds it to the primary web app; when a second web app is configured, the newly issued
/// certificate is also passed to that app's certificate service.
/// </summary>
/// <param name="renewalParams">
/// Azure identifiers and credentials, host names, ACME settings and storage details for the run.
/// </param>
/// <returns>A task that completes when the awaited renew/add call has finished.</returns>
/// <remarks>
/// When <c>RenewXNumberOfDaysBeforeExpiration</c> is greater than zero the manager's
/// <c>RenewCertificate</c> is used; otherwise <c>AddCertificate</c> is called, followed by
/// <c>RemoveExpired</c> on the primary service and install/cleanup on the secondary one.
/// The final "added successfully" trace is written after either path.
/// </remarks>
private static async Task RenewCore(RenewalParameters renewalParams)
{
    // NOTE(review): this writes renewalParams.ToString() to the trace listeners. The object
    // also carries ClientSecret and StorageConnectionString; confirm ToString() omits them.
    Trace.TraceInformation("Generating SSL certificate with parameters: {0}", renewalParams);

    Trace.TraceInformation("Generating secure PFX password for '{0}'...", renewalParams.WebApp);

    // 32 random bytes, later Base64-encoded into the PFX password.
    // NOTE(review): s_randomGenerator is declared elsewhere; presumably a cryptographic RNG,
    // verify. The byte buffer is not cleared after use.
    var passwordBytes = new byte[32];
    s_randomGenerator.GetBytes(passwordBytes);

    Trace.TraceInformation(
        "Adding SSL cert for '{0}{1}'...",
        renewalParams.WebApp,
        renewalParams.GroupName != null ? $"[{renewalParams.GroupName}]" : string.Empty);

    var serviceSettings = new CertificateServiceSettings { UseIPBasedSSL = renewalParams.UseIpBasedSsl };

    // Primary target. Endpoint properties fall back to the class-level defaults when the
    // corresponding parameter is null.
    var primaryEnvironment = new AzureWebAppEnvironment(
        renewalParams.TenantId,
        renewalParams.SubscriptionId,
        renewalParams.ClientId,
        renewalParams.ClientSecret,
        renewalParams.ResourceGroup,
        renewalParams.WebApp,
        renewalParams.ServicePlanResourceGroup,
        renewalParams.SiteSlotName)
    {
        AzureWebSitesDefaultDomainName = renewalParams.AzureDefaultWebsiteDomainName ?? DefaultWebsiteDomainName,
        AuthenticationEndpoint = renewalParams.AuthenticationUri ?? new Uri(DefaultAuthenticationUri),
        ManagementEndpoint = renewalParams.AzureManagementEndpoint ?? new Uri(DefaultManagementEndpoint),
        TokenAudience = renewalParams.AzureTokenAudience ?? new Uri(DefaultAzureTokenAudienceService)
    };

    // Optional secondary target: only configured when both its resource group and its
    // name are supplied. It reuses the same tenant, subscription and client credentials.
    WebAppCertificateService secondaryCertificateService = null;
    var secondaryConfigured =
        !(string.IsNullOrEmpty(renewalParams.OtherWebAppResourceGroup) || string.IsNullOrEmpty(renewalParams.OtherWebApp));
    if (secondaryConfigured)
    {
        var secondaryEnvironment = new AzureWebAppEnvironment(
            renewalParams.TenantId,
            renewalParams.SubscriptionId,
            renewalParams.ClientId,
            renewalParams.ClientSecret,
            renewalParams.OtherWebAppResourceGroup,
            renewalParams.OtherWebApp,
            renewalParams.ServicePlanResourceGroup,
            renewalParams.OtherSlotName)
        {
            AzureWebSitesDefaultDomainName = renewalParams.AzureDefaultWebsiteDomainName ?? DefaultWebsiteDomainName,
            AuthenticationEndpoint = renewalParams.AuthenticationUri ?? new Uri(DefaultAuthenticationUri),
            ManagementEndpoint = renewalParams.AzureManagementEndpoint ?? new Uri(DefaultManagementEndpoint),
            TokenAudience = renewalParams.AzureTokenAudience ?? new Uri(DefaultAzureTokenAudienceService)
        };

        secondaryCertificateService = new WebAppCertificateService(secondaryEnvironment, serviceSettings);
    }

    // Storage account details handed to the authorization challenge provider below.
    var storageEnvironment = new AzureStorageEnvironment(
        renewalParams.TenantId,
        renewalParams.SubscriptionId,
        renewalParams.ClientId,
        renewalParams.ClientSecret,
        renewalParams.ResourceGroup,
        renewalParams.StorageConnectionString,
        renewalParams.StorageContainer);

    var primaryCertificateService = new WebAppCertificateService(primaryEnvironment, serviceSettings);

    // First host is the certificate's primary name; the rest become alternate names.
    // NOTE(review): Hosts[0] throws when Hosts is empty; nothing in this method checks that.
    var acmeConfig = new AcmeConfig
    {
        Host = renewalParams.Hosts[0],
        AlternateNames = renewalParams.Hosts.Skip(1).ToList(),
        RegistrationEmail = renewalParams.Email,
        RSAKeyLength = renewalParams.RsaKeyLength,
        PFXPassword = Convert.ToBase64String(passwordBytes),
        BaseUri = (renewalParams.AcmeBaseUri ?? new Uri(DefaultAcmeBaseUri)).ToString()
    };
    var challengeProvider = new AzureStorageFileSystemAuthorizationChallengeProvider(storageEnvironment);
    var certificateManager = new CertificateManager(
        primaryEnvironment,
        acmeConfig,
        primaryCertificateService,
        challengeProvider);

    if (renewalParams.RenewXNumberOfDaysBeforeExpiration > 0)
    {
        // NOTE(review): the meaning of the 'false' argument is not visible here; confirm.
        await certificateManager.RenewCertificate(false, renewalParams.RenewXNumberOfDaysBeforeExpiration);
    }
    else
    {
        var issuedCertificate = await certificateManager.AddCertificate();
        primaryCertificateService.RemoveExpired();

        // NOTE(review): the results of Install/RemoveExpired are discarded. If these return
        // Task in the referenced library version, the secondary cleanup can start before the
        // install finishes and failures go unobserved; confirm and await them if so.
        secondaryCertificateService?.Install(issuedCertificate);
        secondaryCertificateService?.RemoveExpired();
    }

    Trace.TraceInformation("SSL cert added successfully to '{0}'", renewalParams.WebApp);
}