public async Task CheckSiteCertAsync([TimerTrigger("01:00:00:00")] TimerInfo timer, ILogger log)
{
try
{
if (_SharedBusinessLogic.SharedOptions.CertExpiresWarningDays > 0)
{
//Get the cert thumbprint
var certThumprint = _SharedBusinessLogic.SharedOptions.Website_Load_Certificates.SplitI(";")
.FirstOrDefault();
if (string.IsNullOrWhiteSpace(certThumprint))
{
certThumprint = _SharedBusinessLogic.SharedOptions.CertThumprint.SplitI(";").FirstOrDefault();
}
if (!string.IsNullOrWhiteSpace(certThumprint))
{
//Load the cert from the thumprint
var cert = HttpsCertificate.LoadCertificateFromThumbprint(certThumprint);
var expires = cert.GetExpirationDateString().ToDateTime();
if (expires < VirtualDateTime.UtcNow)
{
await _Messenger.SendGeoMessageAsync(
"GPG - WEBSITE CERTIFICATE EXPIRED",
$"The website certificate for '{_SharedBusinessLogic.SharedOptions.ExternalHost}' expired on {expires.ToFriendlyDate()} and needs replacing immediately.");
}
else
{
var remainingTime = expires - VirtualDateTime.Now;
if (expires < VirtualDateTime.UtcNow.AddDays(_SharedBusinessLogic.SharedOptions
.CertExpiresWarningDays))
{
await _Messenger.SendGeoMessageAsync(
"GPG - WEBSITE CERTIFICATE EXPIRING",
$"The website certificate for '{_SharedBusinessLogic.SharedOptions.ExternalHost}' is due expire on {expires.ToFriendlyDate()} and will need replacing within {remainingTime.ToFriendly(maxParts: 2)}.");
}
}
}
}
log.LogDebug($"Executed {nameof(CheckSiteCertAsync)} successfully");
}
catch (Exception ex)
{
var message = $"Failed webjob ({nameof(CheckSiteCertAsync)}):{ex.Message}:{ex.GetDetailsText()}";
//Send Email to GEO reporting errors
await _Messenger.SendGeoMessageAsync("GPG - WEBJOBS ERROR", message);
//Rethrow the error
throw;
}
}
private X509Certificate2 LoadCertificate(SharedOptions sharedOptions)
{
//Load the site certificate
var certThumprint = sharedOptions.Website_Load_Certificates.SplitI(";").FirstOrDefault();
if (string.IsNullOrWhiteSpace(certThumprint))
{
certThumprint = _sharedOptions.CertThumprint.SplitI(";").FirstOrDefault();
}
X509Certificate2 cert = null;
if (!string.IsNullOrWhiteSpace(certThumprint))
{
cert = HttpsCertificate.LoadCertificateFromThumbprint(certThumprint);
_logger.LogInformation(
$"Successfully loaded certificate '{cert.FriendlyName}' expiring '{cert.GetExpirationDateString()}' from thumbprint '{certThumprint}'");
}
else
{
var certPath = Path.Combine(Directory.GetCurrentDirectory(), @"LocalHost.pfx");
cert = HttpsCertificate.LoadCertificateFromFile(certPath, "LocalHost");
_logger.LogInformation(
$"Successfully loaded certificate '{cert.FriendlyName}' expiring '{cert.GetExpirationDateString()}' from file '{certPath}'");
}
if (sharedOptions.CertExpiresWarningDays > 0)
{
var expires = cert.GetExpirationDateString().ToDateTime();
if (expires < VirtualDateTime.UtcNow)
{
_logger.LogError(
$"The website certificate for '{sharedOptions.ExternalHost}' expired on {expires.ToFriendlyDate()} and needs replacing immediately.");
}
else
{
var remainingTime = expires - VirtualDateTime.Now;
if (expires < VirtualDateTime.UtcNow.AddDays(sharedOptions.CertExpiresWarningDays))
{
_logger.LogWarning(
$"The website certificate for '{sharedOptions.SiteAuthority}' is due expire on {expires.ToFriendlyDate()} and will need replacing within {remainingTime.ToFriendly(maxParts: 2)}.");
}
}
}
return(cert);
}
public static void Start(IEnumerable <IBootstrapper> bootstrappers = null)
{
Bootstrappers = bootstrappers;
var parentFrame = new StackFrame(1, true);
AssemblyVersion.ServiceVersion = parentFrame?.GetMethod()?.ReflectedType?.Assembly?.GetName()?.ToString() ?? "";
AssemblyVersion.CoreVersion = typeof(Service).Assembly?.GetName()?.ToString() ?? "";
var cert = HttpsCertificate.Load();
var host = new WebHostBuilder()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseKestrel(options =>
{
options.AllowSynchronousIO = true;
options.Listen(IPAddress.Any, (int)Service.Config.ServiceConfiguration.HostPort, opts => opts.UseHttps(cert));
})
.UseStartup <Startup>()
.Build();
host.Run();
}
