Example #1
0
        public StatusMessage SubmitCertificate(string certAlias)
        {
            try
            {
                var result = ACMESharpUtils.SubmitCertificate(certAlias, protectSensitiveFileStorage: UseEFSForSensitiveFiles);

                return(new StatusMessage {
                    IsOK = true, Result = result
                });
            }
            catch (Exception exp)
            {
                if (exp is ACMESharp.AcmeClient.AcmeWebException)
                {
                    var aex = (ACMESharp.AcmeClient.AcmeWebException)exp;
                    return(new StatusMessage {
                        IsOK = false, Message = aex.Message, Result = aex
                    });
                }
                else
                {
                    return(new StatusMessage {
                        IsOK = false, Message = exp.Message, Result = exp
                    });
                }
            }
        }
Example #2
0
        public APIResult SubmitCertificate(string certAlias)
        {
            try
            {
                var result = ACMESharpUtils.SubmitCertificate(certAlias);

                return(new APIResult {
                    IsOK = true, Result = result
                });
            }
            catch (Exception exp)
            {
                if (exp is ACMESharp.AcmeClient.AcmeWebException)
                {
                    var aex = (ACMESharp.AcmeClient.AcmeWebException)exp;
                    return(new APIResult {
                        IsOK = false, Message = aex.Message, Result = aex
                    });
                }
                else
                {
                    return(new APIResult {
                        IsOK = false, Message = exp.Message, Result = exp
                    });
                }
            }
        }
Example #3
0
        public async Task <StatusMessage> RevokeCertificate(string pfxPath)
        {
            var    fi        = new FileInfo(pfxPath);
            string certAlias = fi.Name.Replace("-all.pfx", "");

            return(await Task <StatusMessage> .Run(() =>
            {
                try
                {
                    return new StatusMessage()
                    {
                        IsOK = true,
                        Result = ACMESharpUtils.RevokeCertificate(certAlias)
                    };
                }
                catch (Exception ex)
                {
                    return new StatusMessage()
                    {
                        IsOK = false,
                        FailedItemSummary = new List <string>()
                        {
                            $"Certificate revocation error: {ex.Message}"
                        },
                        Message = ex.Message
                    };
                }
            }));
        }
Example #4
0
        /// <summary>
        /// 生成证书
        /// </summary>
        /// <returns></returns>
        private static bool GenericCertificate()
        {
            string savePathPrefix = Config.CertificateSaveDir;

            if (!savePathPrefix.EndsWith("\\") && !savePathPrefix.EndsWith("/"))
            {
                savePathPrefix += Path.DirectorySeparatorChar + Config.Domain + "_";
            }
            try
            {
                ACMESharpUtils.GetCertificate("cert1", savePathPrefix + "key.pem", savePathPrefix + "csr.pem", savePathPrefix + "certificate.pem", savePathPrefix + "certificate.der", savePathPrefix + "issuer.pem", savePathPrefix + "issuer.der", savePathPrefix + "pkcs12.pfx", Config.PFXPassword, overwrite: true);
                string chinapem = savePathPrefix + "chain.pem";
                if (File.Exists(chinapem))
                {
                    File.Delete(chinapem);
                }
                string content = string.Empty;
                content  = File.ReadAllText(savePathPrefix + "certificate.pem") + "\r\n";
                content += File.ReadAllText(savePathPrefix + "issuer.pem");
                File.WriteAllText(chinapem, content);
            }
            catch (Exception ex)
            {
                Trace.Error("生成证书失败!~", ex);
                return(false);
            }
            return(true);
        }
Example #5
0
 public string GetVaultPath()
 {
     using (var vlt = (LocalDiskVault)ACMESharpUtils.GetVault(this.vaultProfile))
     {
         this.vaultFolderPath = vlt.RootPath;
     }
     return(this.vaultFolderPath);
 }
Example #6
0
 public VaultInfo LoadVaultFromFile()
 {
     lock (VAULT_LOCK)
     {
         using (var vlt = ACMESharpUtils.GetVault(this.vaultProfile))
         {
             OpenVaultStorage(vlt, true);
             var v = vlt.LoadVault();
             return(v);
         }
     }
 }
Example #7
0
        public PendingAuthorization BeginRegistrationAndValidation(CertRequestConfig requestConfig, string identifierAlias, string challengeType = ACMESharpCompat.ACMESharpUtils.CHALLENGE_TYPE_HTTP, string domain = null)
        {
            //if no alternative domain specified, use the primary domains as the subject
            if (domain == null)
            {
                domain = requestConfig.PrimaryDomain;
            }

            // if (GetIdentifier(identifierAlias) == null)

            //if an identifier exists for the same dns in vault, remove it to avoid confusion
            this.DeleteIdentifierByDNS(domain);

            // ACME service requires international domain names in ascii mode, register the new
            // identifier with Lets Encrypt
            var authState = ACMESharpUtils.NewIdentifier(identifierAlias, idnMapping.GetAscii(domain));

            var identifier = this.GetIdentifier(identifierAlias, reloadVaultConfig: true);

            //FIXME: when validating subsequent SAN names in parallel request mode, the identifier is null?
            if (identifier != null && identifier.Authorization != null && identifier.Authorization.IsPending())
            {
                ACMESharpUtils.CompleteChallenge(identifier.Alias, challengeType, Handler: "manual", Regenerate: true, Repeat: true);

                //get challenge info
                ReloadVaultConfig();
                identifier = GetIdentifier(identifierAlias);
                try
                {
                    //identifier challenge specification is now ready for use to prepare and answer for LetsEncrypt to check

                    var challengeInfo = identifier.Challenges.FirstOrDefault(c => c.Value.Type == challengeType).Value;
                    return(new PendingAuthorization()
                    {
                        Challenge = GetAuthorizeChallengeItemFromAuthChallenge(challengeInfo), Identifier = GetDomainIdentifierItemFromIdentifierInfo(identifier), TempFilePath = "", ExtensionlessConfigCheckedOK = false, LogItems = this.GetActionLogSummary()
                    });
                }
                catch (Exception exp)
                {
                    LogAction("GetIdentifier", exp.ToString());
                    //identifier challenge could not be requested this time (FIXME: did we discard it when reloading vault?)
                    return(null);
                }
            }
            else
            {
                //identifier is null or already valid (previously authorized)
                return(new PendingAuthorization()
                {
                    Challenge = null, Identifier = GetDomainIdentifierItemFromIdentifierInfo(identifier), TempFilePath = "", ExtensionlessConfigCheckedOK = false, LogItems = this.GetActionLogSummary()
                });
            }
        }
Example #8
0
 public bool AddNewRegistrationAndAcceptTOS(string contact)
 {
     try
     {
         ACMESharpUtils.NewRegistration(null, new string[] { contact }, acceptTOS: true);
         return(true);
     }
     catch (Exception exp)
     {
         System.Diagnostics.Debug.WriteLine(exp.ToString());
         return(false);
     }
 }
Example #9
0
        public PendingAuthorization BeginRegistrationAndValidation(CertRequestConfig requestConfig, string identifierAlias, string challengeType = "http-01", string domain = null)
        {
            //if no alternative domain specified, use the primary domains as the subject
            if (domain == null)
            {
                domain = requestConfig.PrimaryDomain;
            }

            // if (GetIdentifier(identifierAlias) == null)

            //if an identifier exists for the same dns in vault, remove it to avoid confusion
            this.DeleteIdentifierByDNS(domain);

            // ACME service requires international domain names in ascii mode, regiser the new identifier with Lets Encrypt
            var authState = ACMESharpUtils.NewIdentifier(identifierAlias, idnMapping.GetAscii(domain));

            var identifier = this.GetIdentifier(identifierAlias, reloadVaultConfig: true);

            //FIXME: when validating subsequent SAN names in parallel request mode, the identifier is null?
            if (identifier != null && identifier.Authorization != null && identifier.Authorization.IsPending())
            {
                ACMESharpUtils.CompleteChallenge(identifier.Alias, challengeType, Handler: "manual", Regenerate: true, Repeat: true);

                //get challenge info
                ReloadVaultConfig();
                identifier = GetIdentifier(identifierAlias);
                var challengeInfo = identifier.Challenges.FirstOrDefault(c => c.Value.Type == challengeType).Value;

                //identifier challenege specification is now ready for use to prepare and answer for LetsEncrypt to check
                return(new PendingAuthorization()
                {
                    Challenge = challengeInfo, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = false
                });
            }
            else
            {
                //identifier is null or already valid (previously authorized)
                return(new PendingAuthorization()
                {
                    Challenge = null, Identifier = identifier, TempFilePath = "", ExtensionlessConfigCheckedOK = false
                });
            }
        }
Example #10
0
        /// <summary>
        /// 初始化vault
        /// </summary>
        public static void InitializeVault()
        {
            string baseuri = ACMESharpUtils.WELL_KNOWN_BASE_SERVICES[ACMESharpUtils.WELL_KNOWN_LE];

            using (var vlt = ACMESharpUtils.GetVault())
            {
                vlt.InitStorage(true);
                var v = new VaultInfo
                {
                    Id              = ACMESharp.Vault.Util.EntityHelper.NewId(),
                    Alias           = "ztimage",
                    Label           = string.Empty,
                    Memo            = string.Empty,
                    BaseService     = string.Empty,
                    BaseUri         = baseuri,
                    ServerDirectory = new ACMESharp.AcmeServerDirectory()
                };
                vlt.SaveVault(v);
            }
        }
Example #11
0
        public StatusMessage NewCertificate(string domainIdentifierAlias, string certAlias, string[] subjectAlternativeNameIdentifiers)
        {
            //if (subjectAlternativeNameIdentifiers != null) cmd.AlternativeIdentifierRefs = subjectAlternativeNameIdentifiers;
            // cmd.Generate = new System.Management.Automation.SwitchParameter(true);

            try
            {
                var result = ACMESharpUtils.NewCertificate(certAlias, domainIdentifierAlias, subjectAlternativeNameIdentifiers);

                return(new StatusMessage {
                    IsOK = true, Result = result
                });
            }
            catch (Exception exp)
            {
                return(new StatusMessage {
                    IsOK = false, Message = exp.ToString(), Result = exp
                });
            }
        }
Example #12
0
 public bool DeleteRegistrationInfo(Guid id)
 {
     using (var vlt = ACMESharpUtils.GetVault(this.vaultProfile))
     {
         lock (VAULT_LOCK)
         {
             try
             {
                 OpenVaultStorage(vlt, true);
                 vaultConfig.Registrations.Remove(id);
                 vlt.SaveVault(vaultConfig);
                 return(true);
             }
             catch (Exception e)
             {
                 // TODO: Logging of errors.
                 System.Diagnostics.Debug.WriteLine(e.Message);
                 return(false);
             }
         }
     }
 }
Example #13
0
        public void ExportCertificate(string certRef, bool pfxOnly = false)
        {
            GetVaultPath();
            if (!Directory.Exists(VaultFolderPath + "\\" + LocalDiskVault.ASSET))
            {
                Directory.CreateDirectory(VaultFolderPath + "\\" + LocalDiskVault.ASSET);
            }

            if (certRef.StartsWith("="))
            {
                certRef = certRef.Replace("=", "");
            }

            if (pfxOnly)
            {
                var ExportPkcs12 = vaultFolderPath + "\\" + LocalDiskVault.ASSET + "\\" + certRef + "-all.pfx";
                ACMESharpUtils.GetCertificate(certRef, ExportPkcs12: ExportPkcs12, overwrite: true);
            }
            else
            {
                var ExportKeyPEM         = vaultFolderPath + "\\" + LocalDiskVault.KEYPM + "\\" + certRef + "-key.pem";
                var ExportCsrPEM         = vaultFolderPath + "\\" + LocalDiskVault.CSRPM + "\\" + certRef + "-csr.pem";
                var ExportCertificatePEM = vaultFolderPath + "\\" + LocalDiskVault.CRTPM + "\\" + certRef + "-crt.pem";
                var ExportCertificateDER = vaultFolderPath + "\\" + LocalDiskVault.CRTDR + "\\" + certRef + "-crt.der";
                var ExportPkcs12         = vaultFolderPath + "\\" + LocalDiskVault.ASSET + "\\" + certRef + "-all.pfx";

                ACMESharpUtils.GetCertificate(
                    certRef,
                    ExportKeyPEM: ExportKeyPEM,
                    ExportCsrPEM: ExportCsrPEM,
                    ExportCertificatePEM: ExportCertificatePEM,
                    ExportCertificateDER: ExportCertificateDER,
                    ExportPkcs12: ExportPkcs12,
                    overwrite: true
                    );
            }
        }
Example #14
0
        internal bool DeleteIdentifierByDNS(string dns)
        {
            using (var vlt = ACMESharpUtils.GetVault(this.vaultProfile))
            {
                try
                {
                    lock (VAULT_LOCK)
                    {
                        OpenVaultStorage(vlt, true);
                        if (vaultConfig.Identifiers != null)
                        {
                            var         idsToRemove = vaultConfig.Identifiers.Values.Where(i => i.Dns == dns);
                            List <Guid> removing    = new List <Guid>();
                            foreach (var identifier in idsToRemove)
                            {
                                removing.Add(identifier.Id);
                            }
                            foreach (var identifier in removing)
                            {
                                vaultConfig.Identifiers.Remove(identifier);
                            }

                            vlt.SaveVault(vaultConfig);
                        }
                    }

                    return(true);
                }
                catch (Exception e)
                {
                    // TODO: Logging of errors.
                    System.Diagnostics.Debug.WriteLine(e.Message);
                    return(false);
                }
            }
        }
Example #15
0
        public void CleanupVault(Guid?identifierToRemove = null, bool includeDupeIdentifierRemoval = false)
        {
            //remove duplicate identifiers etc

            lock (VAULT_LOCK)
            {
                using (var vlt = ACMESharpUtils.GetVault(this.vaultProfile))
                {
                    OpenVaultStorage(vlt, true);
                    var v = vlt.LoadVault();

                    List <Guid> toBeRemoved = new List <Guid>();
                    if (identifierToRemove != null)
                    {
                        if (v.Identifiers.Keys.Any(i => i == (Guid)identifierToRemove))
                        {
                            toBeRemoved.Add((Guid)identifierToRemove);
                        }
                    }
                    else
                    {
                        //find all orphaned identified or identifiers with no certificate
                        if (v.Identifiers != null)
                        {
                            foreach (var k in v.Identifiers.Keys)
                            {
                                var identifier = v.Identifiers[k];

                                var certs = v.Certificates.Values.Where(c => c.IdentifierRef == identifier.Id);
                                if (!certs.Any())
                                {
                                    toBeRemoved.Add(identifier.Id);
                                }
                            }
                        }
                    }

                    foreach (var i in toBeRemoved)
                    {
                        v.Identifiers.Remove(i);
                    }
                    //

                    //find and remove certificates with no valid identifier in vault or with empty settings
                    toBeRemoved = new List <Guid>();

                    if (v.Certificates != null)
                    {
                        foreach (var c in v.Certificates)
                        {
                            if (
                                String.IsNullOrEmpty(c.IssuerSerialNumber)  //no valid issuer serial
                                ||
                                !v.Identifiers.ContainsKey(c.IdentifierRef) //no existing Identifier
                                )
                            {
                                toBeRemoved.Add(c.Id);
                            }
                        }

                        foreach (var i in toBeRemoved)
                        {
                            v.Certificates.Remove(i);
                        }
                    }

                    /*if (includeDupeIdentifierRemoval)
                     * {
                     *  //remove identifiers where the dns occurs more than once
                     *  foreach (var i in v.Identifiers)
                     *  {
                     *      var count = v.Identifiers.Values.Where(l => l.Dns == i.Dns).Count();
                     *      if (count > 1)
                     *      {
                     *          //identify most recent Identifier (based on assigned, non-expired cert), delete all the others
                     *
                     *          toBeRemoved.Add(i.Id);
                     *      }
                     *  }
                     * }*/

                    // Remove VaultInfo.ServerDirectory.* where * value contains
                    // "adding-random-entries-to-the-directory" v.ServerDirectory.
                    vlt.SaveVault(v);
                }
            }
        }
Example #16
0
 public void UpdateIdentifier(string domainIdentifierAlias)
 {
     ACMESharpUtils.UpdateIdentifier(domainIdentifierAlias);
 }
Example #17
0
        static void Main(string[] args)
        {
            Trace.EnableConsole();
            Trace.EnableFile();

            if (!CheckParmeter())
            {
                return;
            }
            Trace.Info("check config ok!~");

            InitializeVault();
            Trace.Info("init vault ok!~");

            try
            {
                ACMESharpUtils.NewRegistration("", new string[] { "mailto:" + Config.Mail }, true);
            }
            catch (Exception ex)
            {
                Trace.Error("registration error", ex);
                return;
            }
            Trace.Info("registration ok!~");

            try
            {
                ACMESharpUtils.NewIdentifier("dns1", Config.Domain);
            }
            catch (Exception ex)
            {
                Trace.Error("newidentityfier error", ex);
                return;
            }
            Trace.Info("newidentityfier ok!~");

            try
            {
                AuthorizationState state = ACMESharpUtils.CompleteChallenge("dns1", "http-01", "manual");
                if (!CreateChallengeFile(state))
                {
                    Trace.Error("create challenge file erro");
                    return;
                }
            }
            catch (Exception ex)
            {
                Trace.Error("complete challenge error", ex);
                return;
            }
            Trace.Info("challege ok");

            try
            {
                ACMESharpUtils.SubmitChallenge("dns1", "http-01");
            }
            catch (Exception ex)
            {
                Trace.Error("submit challenge error", ex);
                return;
            }
            Trace.Info("submit challage ok!~");

            Trace.Info("wait LE identifier");
            DateTime startT = DateTime.Now;
            bool     result = false;

            while ((DateTime.Now - startT).TotalSeconds < 300)
            {
                AuthorizationState state = null;
                try
                {
                    state = ACMESharpUtils.UpdateIdentifier("dns1", "http-01");
                }
                catch (Exception ex)
                {
                    Trace.Error("update identifier error");
                    return;
                }
                if (state == null)
                {
                    Trace.Error("update identifier state is null");
                    return;
                }

                var subResultState = state.Challenges.First <ACMESharp.AuthorizeChallenge>(item => item.Type == "http-01");
                if (subResultState == null)
                {
                    SaveState(state);
                    Trace.Error("state is null");
                    return;
                }

                if (subResultState.Status.Equals("valid", StringComparison.CurrentCultureIgnoreCase))
                {
                    result = true;
                    break;
                }
                else if (subResultState.Status.Equals("invalid", StringComparison.CurrentCultureIgnoreCase))
                {
                    SaveState(state);
                    Trace.Error("state is invalid");
                    return;
                }
                else
                {
                    Trace.Info(DateTime.Now.ToString("HH:mm:ss") + ",status is:" + subResultState.Status);
                }
                System.Threading.Thread.Sleep(5000);
            }
            if (!result)
            {
                Trace.Error("update identifer timeout");
                return;
            }
            Trace.Info("update identifier ok!~");

            try
            {
                ACMESharpUtils.NewCertificate("cert1", "dns1", null);
            }
            catch (Exception ex)
            {
                Trace.Error("new certificate erro", ex);
                return;
            }
            Trace.Info("new certificate is ok!~");

            try
            {
                ACMESharpUtils.SubmitCertificate("cert1");
            }
            catch (Exception ex)
            {
                Trace.Error("submit certificateerro", ex);
                return;
            }
            Trace.Info("submit certificate is ok!~");

            try
            {
                CertificateInfo info = ACMESharpUtils.UpdateCertificate("cert1");
            }
            catch (Exception ex)
            {
                Trace.Error("update certificate erro", ex);
                return;
            }
            Trace.Info("update certificate is ok!~");

            if (!GenericCertificate())
            {
                return;
            }

            Trace.Info("success!~");
            if (Environment.UserInteractive)
            {
                Trace.Info("Enter press any key exit!~");
                Console.ReadKey();
            }
        }
Example #18
0
        public bool InitVault(bool staging = true)
        {
            string apiURI = ACMESharpUtils.WELL_KNOWN_BASE_SERVICES[ACMESharpUtils.WELL_KNOWN_LESTAGE];

            if (!staging)
            {
                //live api
                apiURI = ACMESharpUtils.WELL_KNOWN_BASE_SERVICES[ACMESharpUtils.WELL_KNOWN_LE];
            }

            bool vaultExists = false;

            lock (VAULT_LOCK)
            {
                using (var vlt = ACMESharpUtils.GetVault(this.vaultProfile))
                {
                    OpenVaultStorage(vlt, true);
                    var v = vlt.LoadVault(false);
                    if (v != null)
                    {
                        vaultExists = true;
                    }
                }
            }

            if (!vaultExists)
            {
                var baseUri = apiURI;
                if (string.IsNullOrEmpty(baseUri))
                {
                    throw new InvalidOperationException("either a base service or URI is required");
                }

                lock (VAULT_LOCK)
                {
                    using (var vlt = ACMESharpUtils.GetVault(this.vaultProfile))
                    {
                        this.LogAction("InitVault", "Creating Vault");

                        OpenVaultStorage(vlt, true);

                        var v = new VaultInfo
                        {
                            Id              = EntityHelper.NewId(),
                            BaseUri         = baseUri,
                            ServerDirectory = new AcmeServerDirectory()
                        };

                        vlt.SaveVault(v);
                    }
                }
            }
            else
            {
                this.LogAction("InitVault", "Vault exists.");
            }

            this.vaultFolderPath = GetVaultPath();

            return(true);
        }
Example #19
0
        public PendingAuthorization BeginRegistrationAndValidation(CertRequestConfig requestConfig, string identifierAlias, string challengeType = ACMESharpCompat.ACMESharpUtils.CHALLENGE_TYPE_HTTP, string domain = null)
        {
            //if no alternative domain specified, use the primary domains as the subject
            if (domain == null)
            {
                domain = requestConfig.PrimaryDomain;
            }

            // if (GetIdentifier(identifierAlias) == null)

            //if an identifier exists for the same dns in vault, remove it to avoid confusion
            this.DeleteIdentifierByDNS(domain);

            // ACME service requires international domain names in ascii mode, create new identifier
            // in vault
            try
            {
                var authState = ACMESharpUtils.NewIdentifier(identifierAlias, idnMapping.GetAscii(domain));
            }
            catch (ACMESharp.AcmeClient.AcmeWebException exp)
            {
                //if we don't know the problem details, report the whole exception
                if (exp.Response?.ProblemDetail == null)
                {
                    throw exp;
                }

                // failed to register the domain identifier with LE (invalid, rate limit or CAA fail?)
                LogAction("NewIdentifier [" + domain + "]", exp.Response.ProblemDetail.OrignalContent);
                return(new PendingAuthorization {
                    AuthorizationError = $"{exp.Response.ProblemDetail.Detail} : {exp.Response.ProblemDetail.Type}"
                });
            }
            catch (Exception exp)
            {
                // failed to register the domain identifier with LE (rate limit or CAA fail?)
                LogAction("NewIdentifier [" + domain + "]", exp.ToString());
                return(new PendingAuthorization {
                    AuthorizationError = exp.ToString()
                });
            }

            Thread.Sleep(200);

            var identifier = this.GetIdentifier(identifierAlias, reloadVaultConfig: true);

            //FIXME: when validating subsequent SAN names in parallel request mode, the identifier is null?
            if (identifier != null && identifier.Authorization != null && identifier.Authorization.IsPending())
            {
                var authState = ACMESharpUtils.CompleteChallenge(identifier.Alias, challengeType, Handler: "manual", Regenerate: true, Repeat: true);
                LogAction("CompleteChallenge", authState.Status);

                //get challenge info for this identifier
                identifier = GetIdentifier(identifierAlias, reloadVaultConfig: true);
                try
                {
                    //identifier challenge specification is now ready for use to prepare and answer for LetsEncrypt to check

                    var challenges = new List <AuthorizationChallengeItem>();
                    foreach (var c in identifier.Challenges)
                    {
                        if (c.Value.Type == SupportedChallengeTypes.CHALLENGE_TYPE_HTTP)
                        {
                            var httpChallenge = (ACMESharp.ACME.HttpChallenge)c.Value.Challenge;

                            challenges.Add(new AuthorizationChallengeItem
                            {
                                ChallengeType = SupportedChallengeTypes.CHALLENGE_TYPE_HTTP,
                                ChallengeData = c.Value,
                                ResourcePath  = httpChallenge.FilePath,
                                ResourceUri   = httpChallenge.FileUrl,
                                Key           = c.Value.Token,
                                Value         = httpChallenge.FileContent
                            });
                        }

                        if (c.Value.Type == SupportedChallengeTypes.CHALLENGE_TYPE_SNI)
                        {
                            var tlsSniChallenge = (ACMESharp.ACME.TlsSniChallenge)c.Value.Challenge;
                            var tlsSniAnswer    = (ACMESharp.ACME.TlsSniChallengeAnswer)tlsSniChallenge.Answer;

                            challenges.Add(new AuthorizationChallengeItem
                            {
                                ChallengeType      = SupportedChallengeTypes.CHALLENGE_TYPE_SNI,
                                ChallengeData      = tlsSniChallenge,
                                Key                = tlsSniChallenge.Token,
                                Value              = tlsSniAnswer.KeyAuthorization,
                                HashIterationCount = tlsSniChallenge.IterationCount
                            });
                        }

                        //TODO: dns
                        if (c.Value.Type == SupportedChallengeTypes.CHALLENGE_TYPE_DNS)
                        {
                            var dnsChallenge = (ACMESharp.ACME.DnsChallenge)c.Value.Challenge;

                            challenges.Add(new AuthorizationChallengeItem
                            {
                                ChallengeType = SupportedChallengeTypes.CHALLENGE_TYPE_DNS,
                                ChallengeData = dnsChallenge,
                                Key           = dnsChallenge.RecordName,
                                Value         = dnsChallenge.RecordValue
                            });
                        }
                    }

                    return(new PendingAuthorization()
                    {
                        Challenges = challenges,
                        Identifier = GetDomainIdentifierItemFromIdentifierInfo(identifier)
                    });
                }
                catch (Exception exp)
                {
                    //identifier challenge could not be requested this time

                    LogAction("GetIdentifier", exp.ToString());

                    return(null);
                }
            }
            else
            {
                //identifier is null or already valid (previously authorized)
                return(new PendingAuthorization()
                {
                    Challenges = null,
                    Identifier = GetDomainIdentifierItemFromIdentifierInfo(identifier),
                    LogItems = this.GetActionLogSummary()
                });
            }
        }
Example #20
0
 public AuthorizationState SubmitChallenge(string alias, string challengeType = ACMESharpCompat.ACMESharpUtils.CHALLENGE_TYPE_HTTP)
 {
     //well known challenge all ready to be read by server
     return(ACMESharpUtils.SubmitChallenge(alias, challengeType));
 }
Example #21
0
 public AuthorizationState UpdateIdentifier(string domainIdentifierAlias)
 {
     return(ACMESharpUtils.UpdateIdentifier(domainIdentifierAlias));
 }
Example #22
0
 public void SubmitChallenge(string alias, string challengeType = "http-01")
 {
     //well known challenge all ready to be read by server
     ACMESharpUtils.SubmitChallenge(alias, challengeType);
 }
Example #23
0
 public void UpdateCertificate(string certRef)
 {
     ACMESharpUtils.UpdateCertificate(certRef);
 }
Example #24
0
 public void AddNewRegistrationAndAcceptTOS(string contact)
 {
     ACMESharpUtils.NewRegistration(null, new string[] { contact }, acceptTOS: true);
 }