public PendingAuthorization DomainInitAndRegistration(CertRequestConfig requestConfig, string identifierAlias)
{
/*
* //need to manipulate file created above to set file path or request key sshould be written too.
*
*/
//perform domain cert requests
string domain = requestConfig.Domain;
// powershellManager.SetWorkingDirectory(this.vaultFolderPath);
if (GetIdentifier(identifierAlias) == null)
{
var result = powershellManager.NewIdentifier(domain, identifierAlias, "Identifier:" + domain);
if (!result.IsOK)
{
return(null);
}
}
ReloadVaultConfig();
var identifier = this.GetIdentifier(identifierAlias);
/*
* //config file now has a temp path to write to, begin challenge (writes to temp file with challenge content)
*/
var ccrResult = powershellManager.CompleteChallenge(identifier.Alias, regenerate: true);
if (ccrResult.IsOK)
{
bool extensionlessConfigOK = false;
//get challenge info
ReloadVaultConfig();
identifier = GetIdentifier(identifierAlias);
var challengeInfo = identifier.Challenges.FirstOrDefault(c => c.Value.Type == "http-01").Value;
//if copying the file for the user, attempt that now
if (challengeInfo != null && requestConfig.PerformChallengeFileCopy)
{
var httpChallenge = (ACMESharp.ACME.HttpChallenge)challengeInfo.Challenge;
//copy temp file to path challenge expects in web folder
var destFile = Path.Combine(requestConfig.WebsiteRootPath, httpChallenge.FilePath);
var destPath = Path.GetDirectoryName(destFile);
if (!Directory.Exists(destPath))
{
Directory.CreateDirectory(destPath);
}
//copy challenge response to web folder /.well-known/acme-challenge
System.IO.File.WriteAllText(destFile, httpChallenge.FileContent);
var wellknownContentPath = httpChallenge.FilePath.Substring(0, httpChallenge.FilePath.LastIndexOf("/"));
var testFilePath = Path.Combine(requestConfig.WebsiteRootPath, wellknownContentPath + "//configcheck");
System.IO.File.WriteAllText(testFilePath, "Extensionless File Config Test - OK");
//create a web.config for extensionless files
string webConfigContent = Properties.Resources.IISWebConfig;
if (!File.Exists(destPath + "\\web.config"))
{
System.IO.File.WriteAllText(destPath + "\\web.config", webConfigContent);
}
if (CheckURL("http://" + domain + "/" + wellknownContentPath + "/configcheck"))
{
extensionlessConfigOK = true;
}
if (!extensionlessConfigOK)
{
webConfigContent = Properties.Resources.IISWebConfigAlt;
System.IO.File.WriteAllText(destPath + "\\web.config", webConfigContent);
}
if (CheckURL("http://" + domain + "/" + wellknownContentPath + "/configcheck"))
{
extensionlessConfigOK = true;
}
//ready to complete challenge
}
return(new PendingAuthorization()
{
Challenge = challengeInfo, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = extensionlessConfigOK
});
}
else
{
return(null);
}
}
public PendingAuthorization BeginRegistrationAndValidation(CertRequestConfig requestConfig, string identifierAlias, string challengeType = "http-01", string domain = null)
{
//if no alternative domain specified, use the primary domains as the subject
if (domain == null)
{
domain = requestConfig.PrimaryDomain;
}
if (GetIdentifier(identifierAlias) == null)
{
//if an identifier exists for the same dns in vault, remove it to avoid confusion
this.DeleteIdentifierByDNS(domain);
// ACME service requires international domain names in ascii mode
if (UsePowershell)
{
var result = powershellManager.NewIdentifier(idnMapping.GetAscii(domain), identifierAlias, "Identifier:" + domain);
if (!result.IsOK)
{
return(null);
}
}
else
{
var cmd = new ACMESharp.POSH.NewIdentifier();
cmd.Dns = idnMapping.GetAscii(domain);
cmd.Alias = identifierAlias;
cmd.Label = "Identifier:" + domain;
try
{
cmd.ExecuteCommand();
}
catch (Exception exp)
{
this.LogAction("NewIdentifier", exp.ToString());
return(null);
}
}
}
var identifier = this.GetIdentifier(identifierAlias, reloadVaultConfig: true);
if (identifier.Authorization.IsPending())
{
bool ccrResultOK = false;
if (UsePowershell)
{
var result = powershellManager.CompleteChallenge(identifier.Alias, challengeType, regenerate: true);
ccrResultOK = result.IsOK;
}
else
{
var cmd = new ACMESharp.POSH.CompleteChallenge();
cmd.IdentifierRef = identifier.Alias;
cmd.ChallengeType = challengeType;
cmd.Handler = "manual";
cmd.Regenerate = new System.Management.Automation.SwitchParameter(true);
cmd.Repeat = new System.Management.Automation.SwitchParameter(true);
cmd.ExecuteCommand();
ccrResultOK = true;
}
//get challenge info
ReloadVaultConfig();
identifier = GetIdentifier(identifierAlias);
var challengeInfo = identifier.Challenges.FirstOrDefault(c => c.Value.Type == challengeType).Value;
//identifier challenege specification is now ready for use to prepare and answer for LetsEncrypt to check
return(new PendingAuthorization()
{
Challenge = challengeInfo, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = false
});
}
else
{
//identifier is already valid (previously authorized)
return(new PendingAuthorization()
{
Challenge = null, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = false
});
}
}
public PendingAuthorization BeginRegistrationAndValidation(CertRequestConfig requestConfig, string identifierAlias)
{
string domain = requestConfig.Domain;
if (GetIdentifier(identifierAlias) == null)
{
//if an identifier exists for the same dns in vault, remove it to avoid confusion
this.DeleteIdentifierByDNS(domain);
var result = powershellManager.NewIdentifier(domain, identifierAlias, "Identifier:" + domain);
if (!result.IsOK)
{
return(null);
}
}
var identifier = this.GetIdentifier(identifierAlias, reloadVaultConfig: true);
/*
* //config file now has a temp path to write to, begin challenge (writes to temp file with challenge content)
*/
if (identifier.Authorization.IsPending())
{
var ccrResult = powershellManager.CompleteChallenge(identifier.Alias, regenerate: true);
if (ccrResult.IsOK)
{
bool extensionlessConfigOK = false;
bool checkViaProxy = true;
//get challenge info
ReloadVaultConfig();
identifier = GetIdentifier(identifierAlias);
var challengeInfo = identifier.Challenges.FirstOrDefault(c => c.Value.Type == "http-01").Value;
//if copying the file for the user, attempt that now
if (challengeInfo != null && requestConfig.PerformChallengeFileCopy)
{
var httpChallenge = (ACMESharp.ACME.HttpChallenge)challengeInfo.Challenge;
this.LogAction("Preparing challenge response for LetsEncrypt server to check at: " + httpChallenge.FileUrl);
this.LogAction("If the challenge response file is not accessible at this exact URL the validation will fail and a certificate will not be issued.");
//copy temp file to path challenge expects in web folder
var destFile = Path.Combine(requestConfig.WebsiteRootPath, httpChallenge.FilePath);
var destPath = Path.GetDirectoryName(destFile);
if (!Directory.Exists(destPath))
{
Directory.CreateDirectory(destPath);
}
//copy challenge response to web folder /.well-known/acme-challenge
System.IO.File.WriteAllText(destFile, httpChallenge.FileContent);
var wellknownContentPath = httpChallenge.FilePath.Substring(0, httpChallenge.FilePath.LastIndexOf("/"));
var testFilePath = Path.Combine(requestConfig.WebsiteRootPath, wellknownContentPath + "//configcheck");
System.IO.File.WriteAllText(testFilePath, "Extensionless File Config Test - OK");
//create a web.config for extensionless files, then test it (make a request for the extensionless configcheck file over http)
string webConfigContent = Properties.Resources.IISWebConfig;
if (!File.Exists(destPath + "\\web.config"))
{
//no existing config, attempt auto config and perform test
System.IO.File.WriteAllText(destPath + "\\web.config", webConfigContent);
if (requestConfig.PerformExtensionlessConfigChecks)
{
if (CheckURL("http://" + domain + "/" + wellknownContentPath + "/configcheck", checkViaProxy))
{
extensionlessConfigOK = true;
}
}
}
else
{
//web config already exists, don't overwrite it, just test it
if (requestConfig.PerformExtensionlessConfigChecks)
{
if (CheckURL("http://" + domain + "/" + wellknownContentPath + "/configcheck", checkViaProxy))
{
extensionlessConfigOK = true;
}
if (!extensionlessConfigOK && requestConfig.PerformExtensionlessAutoConfig)
{
//didn't work, try our default config
System.IO.File.WriteAllText(destPath + "\\web.config", webConfigContent);
if (CheckURL("http://" + domain + "/" + wellknownContentPath + "/configcheck", checkViaProxy))
{
extensionlessConfigOK = true;
}
}
}
}
if (!extensionlessConfigOK && requestConfig.PerformExtensionlessAutoConfig)
{
//if first attempt(s) at config failed, try an alternative config
webConfigContent = Properties.Resources.IISWebConfigAlt;
System.IO.File.WriteAllText(destPath + "\\web.config", webConfigContent);
if (CheckURL("http://" + domain + "/" + wellknownContentPath + "/configcheck", checkViaProxy))
{
//ready to complete challenge
extensionlessConfigOK = true;
}
}
}
return(new PendingAuthorization()
{
Challenge = challengeInfo, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = extensionlessConfigOK
});
}
else
{
return(null);
}
}
else
{
//identifier is already valid (previously authorized)
return(new PendingAuthorization()
{
Challenge = null, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = false
});
}
}
