/// <summary>
/// Remove client from list of active clients when client is closed.
/// Try to communicate with active CA server and replicate to backup server.
/// If communication with active CA server is failed, communicates with backup server.
/// </summary>
/// <param name="subject"></param>
/// <returns></returns>
public static bool RemoveClientFromListOfActiveClients(string subject)
{
bool retValue = false;
lock (objLock)
{
try
{
//try communication with ACTIVE CA server
using (CAProxy activeProxy = new CAProxy(binding, ACTIVE_SERVER_ADDRESS))
{
retValue = activeProxy.factory.RemoveClientFromListOfActiveClients(subject);
#region try replication to NONACTIVE CA server
try
{
//replicate to NONACTIVE server to remove client on NONACTIVE server
using (CAProxy nonActiveProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
if (CA_SERVER_STATE == EnumCAServerState.BothOn)
{
activeProxy.factory.RemoveClientFromListOfActiveClients(subject);
}
else if (CA_SERVER_STATE == EnumCAServerState.OnlyActiveOn)
{
IntegrityUpdate(activeProxy, nonActiveProxy);
CA_SERVER_STATE = EnumCAServerState.BothOn;
}
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
#endregion
}
}
catch (EndpointNotFoundException exACTIVE)
{
try
{
//try communication with NONACTIVE CA server
using (CAProxy nonActiveProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
retValue = nonActiveProxy.factory.RemoveClientFromListOfActiveClients(subject);
SwitchActiveNonActiveAddress();
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
Console.WriteLine("Both of CA servers not working!");
CA_SERVER_STATE = EnumCAServerState.BothOff;
}
}
}
return(retValue);
}
/// <summary>
/// Validate if certificate is active.
/// Try to communicate with active CA server.
/// If communication with active CA server is failed, communicates with backup server.
/// </summary>
/// <param name="certificate"></param>
/// <returns></returns>
public static bool IsCertificateActive(X509Certificate2 certificate)
{
bool retValue = false;
lock (objLock)
{
try
{
//try communication with ACTIVE CA server
using (CAProxy activeProxy = new CAProxy(binding, ACTIVE_SERVER_ADDRESS))
{
retValue = activeProxy.factory.IsCertificateActive(certificate);
}
}
catch (EndpointNotFoundException exACTIVE)
{
try
{
//try communication with NONACTIVE CA server
using (CAProxy nonActiveProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
retValue = nonActiveProxy.factory.IsCertificateActive(certificate);
SwitchActiveNonActiveAddress();
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
Console.WriteLine("Both of CA servers not working!");
CA_SERVER_STATE = EnumCAServerState.BothOff;
}
}
}
return(retValue);
}
/// <summary>
/// Generate new certificate with subject name if specific certificate does not exist or it is not active.
/// Try to communicate with active CA server and replicate to backup server.
/// If communication with active CA server is failed, communicates with backup server.
/// </summary>
/// <param name="subject">Subject name</param>
/// <param name="address">Subject address</param>
/// <returns>New or existing certificate attached to subject (client)</returns>
public static CertificateDto GenerateCertificate(string subject, string address)
{
CertificateDto retCertDto = null;
X509Certificate2 certificate = null;
lock (objLock)
{
try
{
//try communication with ACTIVE CA server
using (CAProxy activeProxy = new CAProxy(binding, ACTIVE_SERVER_ADDRESS))
{
retCertDto = activeProxy.factory.GenerateCertificate(subject, address);
certificate = retCertDto.GetCert();
if (certificate != null)
{
#region try replication to NONACTIVE CA server
try
{
//replicate to NONACTIVE server
using (CAProxy nonActiveProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
if (CA_SERVER_STATE == EnumCAServerState.BothOn)
{
nonActiveProxy.factory.SaveCertificateToBackupDisc(new CertificateDto(certificate));
}
else if (CA_SERVER_STATE == EnumCAServerState.OnlyActiveOn)
{
IntegrityUpdate(activeProxy, nonActiveProxy);
CA_SERVER_STATE = EnumCAServerState.BothOn;
}
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
#endregion
}
}
}
catch (EndpointNotFoundException exACTIVE)
{
try
{
//try communication with NONACTIVE CA server
using (CAProxy backupProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
retCertDto = backupProxy.factory.GenerateCertificate(subject, address);
certificate = retCertDto.GetCert();
SwitchActiveNonActiveAddress();
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
Console.WriteLine("Both of CA servers not working!");
CA_SERVER_STATE = EnumCAServerState.BothOff;
}
}
}
return(retCertDto);
}
/// <summary>
/// Withdraw certificate if it exists.
/// Try to communicate with active CA server and replicate to backup server.
/// If communication with active CA server is failed, communicates with backup server.
/// </summary>
/// <param name="subjectName"></param>
/// <returns></returns>
public static bool WithdrawCertificate(string subjectName)
{
string clientAddress = null;
lock (objLock)
{
try
{
//try communication with ACTIVE CA server
using (CAProxy activeProxy = new CAProxy(binding, ACTIVE_SERVER_ADDRESS))
{
clientAddress = activeProxy.factory.WithdrawCertificate(subjectName);
#region try replication to NONACTIVE CA server
try
{
//replicate to NONACTIVE server to withdraw certificate on NONACTIVE server
using (CAProxy nonActiveProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
if (CA_SERVER_STATE == EnumCAServerState.BothOn)
{
activeProxy.factory.WithdrawCertificate(subjectName);
}
else if (CA_SERVER_STATE == EnumCAServerState.OnlyActiveOn)
{
IntegrityUpdate(activeProxy, nonActiveProxy);
CA_SERVER_STATE = EnumCAServerState.BothOn;
}
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
#endregion
}
}
catch (EndpointNotFoundException exACTIVE)
{
try
{
//try communication with NONACTIVE CA server
using (CAProxy nonActiveProxy = new CAProxy(binding, NON_ACTIVE_SERVER_ADDRESS))
{
clientAddress = nonActiveProxy.factory.WithdrawCertificate(subjectName);
SwitchActiveNonActiveAddress();
CA_SERVER_STATE = EnumCAServerState.OnlyActiveOn;
}
}
catch (EndpointNotFoundException exNONACTIVE)
{
Console.WriteLine("Both of CA servers not working!");
CA_SERVER_STATE = EnumCAServerState.BothOff;
}
}
if (clientAddress != null)
{
NotifyClientsAboutCertificateWithdraw(clientAddress);
}
}
return(clientAddress != null);
}
