private async Task ResolveOrder(AcmeClient acme) { _order = await _stateStore.GetOrderAsync(); long nowTs = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(); if (_order == null || _order.IsExpired(nowTs)) { if (_order != null) { _logger.LogInformation("previous order expired."); await _stateStore.DeleteOrderAsync(); } _logger.LogInformation("Creating NEW Order"); _order = await acme.CreateOrderAsync(_options.DnsNames); await _stateStore.SaveOrderAsync(_order); } else { _logger.LogInformation("get order from store"); // refresh order try { _logger.LogInformation("Refreshing Order status"); _order = await acme.GetOrderDetailsAsync(_order); } catch (InvalidOrderStatusException) { await _stateStore.DeleteOrderAsync(); throw; } } _logger.LogInformation(JsonSerializer.Serialize(_order)); }
private async Task ResolveCertificate(AcmeClient acme) { _logger.LogInformation("Refreshing Order status"); _order = await acme.GetOrderDetailsAsync(_order); // FIXME, wait for ready if (OrderStatus.Ready == _order.Status) { CertPrivateKey key = null; _logger.LogInformation("Generating CSR"); byte[] csr; switch (_options.CertificateKeyAlgor) { case "rsa": key = CertHelper.GenerateRsaPrivateKey( _options.CertificateKeySize ?? AcmeOptions.DefaultRsaKeySize); csr = CertHelper.GenerateRsaCsr(_options.DnsNames, key); break; case "ec": key = CertHelper.GenerateEcPrivateKey( _options.CertificateKeySize ?? AcmeOptions.DefaultEcKeySize); csr = CertHelper.GenerateEcCsr(_options.DnsNames, key); break; default: throw new Exception("Unknown Certificate Key Algorithm: " + _options.CertificateKeyAlgor); } await _stateStore.SavePrivateKeyAsync(_order.Url, key.KeyPair, _order.Expires); _logger.LogInformation("Finalizing Order"); _order = await acme.FinalizeOrderAsync(_order, csr); } // FIXME extract out if (string.IsNullOrEmpty(_order.CertificateUrl)) { _logger.LogWarning("Order Certificate is NOT READY YET"); var now = DateTime.Now; do { _logger.LogInformation("Waiting..."); await Task.Delay(5000); _order = await acme.GetOrderDetailsAsync(_order); if (!string.IsNullOrEmpty(_order.CertificateUrl)) { break; } _logger.LogInformation($"order status {_order.Status}"); if (DateTime.Now > now.AddSeconds(_options.WaitForCertificate)) { throw new TimeoutException("Failed to get certificate url"); } } while (true); await _stateStore.SaveOrderAsync(_order); } _logger.LogInformation("Retrieving Certificate"); X509Certificate newCert = await acme.GetOrderCertificateAsync(_order); await _stateStore.SaveCertificateAsync(_order.Url, newCert); }