/// <summary>
/// Register the local computer's account on the ACME service
/// </summary>
/// <returns>true if registration is successful, false otherwise</returns>
public async Task <bool> RegisterNewAccount()
{
WinCertesOptions _options = Program._winCertesOptions;
try {
InitCertes();
Certes.Acme.Resource.Directory directory = await _acme.GetDirectory();
InitCertes();
IAccountContext accountCtx = await _acme.NewAccount(_options.AccountEmail, true);
_options.Registered = true;
logger.Info($"Successfully registered account {_options.AccountEmail} with certificate authority {_options.ServiceUri.ToString()}");
if ((directory.Meta != null) && (directory.Meta.TermsOfService != null))
{
logger.Info($"Please check the ACME Service ToS at: {directory.Meta.TermsOfService.ToString()}");
}
return(true);
}
catch (Exception exp)
{
logger.Error($"Failed to register account {_options.AccountEmail} with certificate authority {_options.ServiceUri.ToString()}: {ProcessCertesException(exp)}");
return(false);
}
}
private async Task FetchDirectory(bool force)
{
if (this.directory == null || force)
{
var uri = serverUri;
var resp = await this.Get <Resource.Directory>(uri);
this.directory = resp.Data;
}
}
/// <summary>
/// Cause initialization of Certes
/// </summary>
/// <param name="signerPath"></param>
/// <param name="registrationPath"></param>
/// <param name="email"></param>
public void InitRegistration(string signerPath, string registrationPath, string email)
{
// Signer path y registrationpath son específicos de la librería vieja, pero usamos el directorio que indican
// para guardar la configuración del registro de cuenta de certes. Como el registration depende del entorno, ponemos la AcmeUri en el hash del propio
// nombre del fichero.
string settingsFilePath = Path.Combine(Path.GetDirectoryName(signerPath), UtilsEncryption.GetMD5(email + "::" + this.AcmeUri), "certes.json");
UtilsSystem.EnsureDirectoryExists(settingsFilePath);
// Initialization and renewal/revocation handling
// We get the CertesWrapper object, that will do most of the job.
// RS256 Let's generate a new key (RSA is good enough IMHO)
var serviceUri = new Uri(this.AcmeUri);
this.Logger.LogInfo(true, "Using Acme URI: " + serviceUri);
CertesSettings settings;
this.HttpClient = new HttpClient();
this.AcmeHttpClient = new AcmeHttpClient(serviceUri, this.HttpClient);
if (File.Exists(settingsFilePath))
{
// Si ya teníamos unos settings, siginifica que la cuenta ya está registrada
settings =
JsonConvert.DeserializeObject <CertesSettings>(File.ReadAllText(settingsFilePath));
this.AcmeContext = new AcmeContext(serviceUri, KeyFactory.FromDer(settings.Key), this.AcmeHttpClient);
}
else
{
// Hay que crear una nueva cuenta con su clave, y registrarla en ACME
settings = new CertesSettings()
{
AccountEmail = email,
ServiceUri = serviceUri,
Key = KeyFactory.NewKey(KeyAlgorithm.RS256).ToDer()
};
// Register the account
this.AcmeContext = new AcmeContext(serviceUri, KeyFactory.FromDer(settings.Key), this.AcmeHttpClient);
IAccountContext accountCtx = this.AcmeContext.NewAccount(settings.AccountEmail, true).Result;
File.WriteAllText(settingsFilePath, JsonConvert.SerializeObject(settings));
Certes.Acme.Resource.Directory directory = this.AcmeContext.GetDirectory().Result;
this.Logger.LogInfo(true, $"Successfully registered account {settings.AccountEmail} with certificate authority {serviceUri.AbsoluteUri}");
if ((directory.Meta != null) && (directory.Meta.TermsOfService != null))
{
this.Logger.LogInfo(true, $"Please check the ACME Service ToS at: {directory.Meta.TermsOfService}");
}
}
this.CertesSettings = settings;
}
/// <summary>
/// Register the local computer's account on the ACME service
/// </summary>
/// <returns>true if registration is successful, false otherwise</returns>
public async Task <bool> RegisterNewAccount()
{
try {
InitCertes();
Certes.Acme.Resource.Directory directory = await _acme.GetDirectory();
InitCertes();
IAccountContext accountCtx = await _acme.NewAccount(_settings.AccountEmail, true);
_config.WriteIntParameter("registered", 1);
logger.Info($"Successfully registered account {_settings.AccountEmail} with certificate authority {_settings.ServiceURI.ToString()}");
if (directory.Meta.TermsOfService != null)
{
logger.Info($"Please check the ACME Service ToS at: {directory.Meta.TermsOfService.ToString()}");
}
return(true);
} catch (Exception exp) {
logger.Error($"Failed to register account {_settings.AccountEmail} with certificate authority {_settings.ServiceURI.ToString()}: {ProcessCertesException(exp)}");
return(false);
}
}
