protected override void InternalProcessRecord()
{
base.InternalProcessRecord();
if (base.HasErrors)
{
return;
}
Dictionary <TopologySite, List <TopologyServer> > dictionary = null;
TopologySite topologySite = null;
FederationCertificate.DiscoverServers(base.RootOrgGlobalConfigSession, false, out dictionary, out topologySite);
if (topologySite == null)
{
base.WriteError(new CannotGetLocalSiteException(), ErrorCategory.ReadError, null);
}
foreach (KeyValuePair <TopologySite, List <TopologyServer> > keyValuePair in dictionary)
{
foreach (TopologyServer topologyServer in keyValuePair.Value)
{
foreach (CertificateRecord certificateRecord in FederationCertificate.FederationCertificates(base.RootOrgGlobalConfigSession))
{
FederationTrustCertificateState state = FederationCertificate.TestForCertificate(topologyServer.Name, certificateRecord.Thumbprint);
FederationTrustCertificateStatus sendToPipeline = new FederationTrustCertificateStatus(keyValuePair.Key, topologyServer, state, certificateRecord.Thumbprint);
base.WriteObject(sendToPipeline);
}
}
}
}
internal static FederationTrustCertificateState TestForCertificate(string serverName, string thumbprint, out ExchangeCertificate cert)
{
if (string.IsNullOrEmpty(serverName))
{
throw new ArgumentNullException("serverName");
}
if (string.IsNullOrEmpty(thumbprint))
{
throw new ArgumentNullException("thumbprint");
}
cert = null;
ExchangeCertificateRpc exchangeCertificateRpc = new ExchangeCertificateRpc();
exchangeCertificateRpc.GetByThumbprint = thumbprint;
ExchangeCertificateRpcVersion exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1;
FederationTrustCertificateState federationTrustCertificateState = FederationTrustCertificateState.NotInstalled;
byte[] outputBlob = null;
try
{
byte[] inBlob = exchangeCertificateRpc.SerializeInputParameters(ExchangeCertificateRpcVersion.Version2);
ExchangeCertificateRpcClient2 exchangeCertificateRpcClient = new ExchangeCertificateRpcClient2(serverName);
outputBlob = exchangeCertificateRpcClient.GetCertificate2(0, inBlob);
exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version2;
}
catch (RpcException)
{
exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1;
}
if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1)
{
try
{
byte[] inBlob2 = exchangeCertificateRpc.SerializeInputParameters(exchangeCertificateRpcVersion);
ExchangeCertificateRpcClient exchangeCertificateRpcClient2 = new ExchangeCertificateRpcClient(serverName);
outputBlob = exchangeCertificateRpcClient2.GetCertificate(0, inBlob2);
}
catch (RpcException)
{
federationTrustCertificateState = FederationTrustCertificateState.ServerUnreachable;
}
}
if (federationTrustCertificateState != FederationTrustCertificateState.ServerUnreachable)
{
ExchangeCertificateRpc exchangeCertificateRpc2 = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob);
if (exchangeCertificateRpc2.ReturnCertList != null && exchangeCertificateRpc2.ReturnCertList.Count == 1)
{
federationTrustCertificateState = FederationTrustCertificateState.Installed;
cert = exchangeCertificateRpc2.ReturnCertList[0];
}
}
return(federationTrustCertificateState);
}
public static void ValidateRemoteCertificate(string server, string thumbprint, DateTime?futurePublishDate, bool skipAutomatedDeploymentChecks, Task.TaskErrorLoggingDelegate writeError)
{
if (writeError == null)
{
throw new ArgumentNullException("writeError");
}
if (string.IsNullOrEmpty(thumbprint))
{
return;
}
ExchangeCertificate certificate = null;
FederationTrustCertificateState federationTrustCertificateState = FederationCertificate.TestForCertificate(server, thumbprint, out certificate);
if (federationTrustCertificateState == FederationTrustCertificateState.ServerUnreachable)
{
writeError(new TaskException(Strings.ErrorCannotContactServerForCert(server, thumbprint)), ErrorCategory.InvalidArgument, null);
}
else if (federationTrustCertificateState != FederationTrustCertificateState.Installed)
{
writeError(new TaskException(Strings.ErrorThumbprintNotFound(thumbprint)), ErrorCategory.InvalidArgument, null);
}
OAuthTaskHelper.ValidateCertificate(certificate, futurePublishDate, skipAutomatedDeploymentChecks, writeError);
}
private static void PushCertificate(ITopologyConfigurationSession session, Server sourceServer, Task.TaskProgressLoggingDelegate writeProgress, Task.TaskWarningLoggingDelegate writeWarning, string thumbprint)
{
SecureString securePassword = FederationCertificate.GeneratePassword();
FederationCertificate.EnableCertificateForNetworkService(sourceServer.Name, thumbprint);
string base64cert = null;
try
{
base64cert = FederationCertificate.ExportCertificate(sourceServer.Name, securePassword, thumbprint);
}
catch (InvalidOperationException)
{
writeWarning(Strings.WarningPushFailed(thumbprint));
return;
}
catch (LocalizedException)
{
writeWarning(Strings.WarningPushFailed(thumbprint));
return;
}
Dictionary <TopologySite, List <TopologyServer> > dictionary = null;
TopologySite topologySite = null;
FederationCertificate.DiscoverServers(session, true, out dictionary, out topologySite);
if (topologySite != null)
{
List <TopologyServer> list;
if (dictionary.TryGetValue(topologySite, out list))
{
int count = list.Count;
int num = 0;
foreach (TopologyServer topologyServer in list)
{
int percent = (int)((double)(++num) / (double)count * 100.0);
writeProgress(Strings.ProgressActivityPushFederationCertificate(thumbprint), Strings.ProgressActivityPushFederationServer(topologyServer.Name), percent);
if (!topologyServer.Id.Equals(sourceServer.Id))
{
try
{
FederationTrustCertificateState federationTrustCertificateState = FederationCertificate.TestForCertificate(topologyServer.Name, thumbprint);
if (federationTrustCertificateState == FederationTrustCertificateState.NotInstalled)
{
FederationCertificate.ImportCertificate(topologyServer.Name, securePassword, base64cert);
}
if (federationTrustCertificateState != FederationTrustCertificateState.ServerUnreachable)
{
FederationCertificate.EnableCertificateForNetworkService(topologyServer.Name, thumbprint);
}
}
catch (InvalidOperationException)
{
writeWarning(Strings.WarningPushCertificate(thumbprint, topologyServer.Name));
}
catch (LocalizedException)
{
writeWarning(Strings.WarningPushCertificate(thumbprint, topologyServer.Name));
}
}
}
}
return;
}
writeWarning(Strings.WarningCannotGetLocalSite(thumbprint));
}
// Token: 0x06000006 RID: 6 RVA: 0x000024D0 File Offset: 0x000006D0
private void PerformDistribution(List <CertificateRecord> certsRequired)
{
Servicelet.Tracer.TraceDebug((long)this.GetHashCode(), "PerformDistribution(): Entering");
List <CertificateRecord> list = new List <CertificateRecord>();
foreach (CertificateRecord certificateRecord in certsRequired)
{
string thumbprint = certificateRecord.Thumbprint;
Servicelet.Tracer.TraceDebug <string>((long)this.GetHashCode(), "Certificate Required: {0}", thumbprint);
ExchangeCertificate exchangeCertificate;
FederationTrustCertificateState federationTrustCertificateState = FederationCertificate.TestForCertificate(this.localServer.Name, thumbprint, out exchangeCertificate);
Servicelet.Tracer.TraceDebug <FederationTrustCertificateState>((long)this.GetHashCode(), "Certificate State: {0}", federationTrustCertificateState);
if (federationTrustCertificateState == FederationTrustCertificateState.NotInstalled)
{
list.Add(certificateRecord);
if (this.IsCurrentOrNextCertificate(certificateRecord))
{
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_NeedCertificate, null, new object[]
{
thumbprint
});
}
}
else if (federationTrustCertificateState == FederationTrustCertificateState.Installed)
{
if (this.IsCurrentOrNextCertificate(certificateRecord))
{
this.VerifyCertificateExpiration(exchangeCertificate);
}
if (!ManageExchangeCertificate.IsCertEnabledForNetworkService(exchangeCertificate))
{
Servicelet.Tracer.TraceDebug <string>((long)this.GetHashCode(), "Enabling for Network Service: {0}", thumbprint);
try
{
FederationCertificate.EnableCertificateForNetworkService(this.localServer.Name, thumbprint);
}
catch (LocalizedException ex)
{
Servicelet.Tracer.TraceError <LocalizedException>((long)this.GetHashCode(), "Failed to Enable for Network Service: {0}", ex);
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_EnableNetworkServiceException, null, new object[]
{
thumbprint,
ex
});
}
catch (InvalidOperationException ex2)
{
Servicelet.Tracer.TraceError <InvalidOperationException>((long)this.GetHashCode(), "Failed to Enable for Network Service: {0}", ex2);
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_EnableNetworkServiceException, null, new object[]
{
thumbprint,
ex2
});
}
}
}
}
if (list.Count != 0)
{
Dictionary <TopologySite, List <TopologyServer> > dictionary;
TopologySite topologySite;
FederationCertificate.DiscoverServers(this.session, true, out dictionary, out topologySite);
if (topologySite == null)
{
Servicelet.Tracer.TraceError((long)this.GetHashCode(), "Server is not associated with a site");
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_CannotFindLocalSite, null, null);
return;
}
List <TopologyServer> sourceServers;
if (dictionary.TryGetValue(topologySite, out sourceServers))
{
this.PullCertificate(sourceServers, list, this.localServer);
}
if (list.Count != 0)
{
foreach (KeyValuePair <TopologySite, List <TopologyServer> > keyValuePair in dictionary)
{
if (!keyValuePair.Key.Equals(topologySite))
{
this.PullCertificate(keyValuePair.Value, list, this.localServer);
if (list.Count == 0)
{
break;
}
}
}
}
}
foreach (CertificateRecord certificateRecord2 in list)
{
Servicelet.Tracer.TraceDebug <string>((long)this.GetHashCode(), "Certificate not found: {0}", certificateRecord2.Thumbprint);
if (this.IsCurrentOrNextCertificate(certificateRecord2))
{
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_CertificateNotFound, null, new object[]
{
certificateRecord2.Thumbprint
});
}
}
Servicelet.Tracer.TraceDebug((long)this.GetHashCode(), "PerformDistribution(): Exiting");
}
internal FederationTrustCertificateStatus(ADSite site, TopologyServer server, FederationTrustCertificateState state, string thumbprint)
{
this.site = site;
this.server = server;
this.state = state;
this.thumbprint = thumbprint;
}
