public StartupCertificateLoader(string named, IServiceProvider sp)
{
_httpChallenge = sp.GetRequiredService <HttpChallenge>();
_certificateValidator = sp.GetRequiredService <ICertificateValidator>();
_accountOptions = sp.GetRequiredService <IOptionsMonitor <AcmeAccountOptions> >().Get(named);
_certificateOptions = sp.GetRequiredService <IOptionsMonitor <CertificateOptions> >().Get(named);
_developmentCertificate = sp.GetRequiredService <DevelopmentCertificate>();
_stores = sp.GetRequiredService <IEnumerable <ICertificateStore> >();
_certificateSelector = sp.GetRequiredService <KestrelCertificateSelector>();
_server = sp.GetRequiredService <IServer>();
_config = sp.GetRequiredService <IConfiguration>();
_logger = sp.GetRequiredService <ILogger <StartupCertificateLoader> >();
}
private async Task <byte[]> AcquireCertificateBytesFromOrderAsync(
IOrderContext order,
AcmeOrderOptions orderOptions,
AcmeAccountOptions accountOptions,
CertificateOptions certificateOptions)
{
_logger.LogInformation("[LetsEncrypt][Certificate] Acquiring certificate through signing request.");
var privateKey = KeyFactory.NewKey((Certes.KeyAlgorithm)orderOptions.KeyAlgorithm);
if (orderOptions?.CertificateSigningRequest == null)
{
var commonName = accountOptions.Domains[0];
_logger.LogDebug("Creating cert for {commonName}", commonName);
var csrInfo = new CsrInfo
{
CommonName = commonName,
};
if (orderOptions != null)
{
orderOptions.CertificateSigningRequest = csrInfo;
}
}
var certificateChain = await order.Generate(orderOptions?.CertificateSigningRequest, privateKey);
var pfxBuilder = certificateChain.ToPfx(privateKey);
pfxBuilder.FullChain = true;
var pfxBytes = pfxBuilder.Build(
$"Let's Encrypt - {accountOptions.Domains[0]} ",
certificateOptions?.CertificatePassword ?? string.Empty);
_logger.LogInformation("[LetsEncrypt][Certificate] Certificate acquired.");
return(pfxBytes);
}
