/// <summary>
/// Method to execute the command
/// </summary>
private void GetVaultSettingsFile()
{
AzureSubscription subscription = DefaultProfile.Context.Subscription;
// Generate certificate
X509Certificate2 cert = CertUtils.CreateSelfSignedCertificate(VaultCertificateExpiryInHoursForHRM, subscription.Id.ToString(), this.Vault.Name);
ASRSite site = new ASRSite();
if (!string.IsNullOrEmpty(this.SiteIdentifier) && !string.IsNullOrEmpty(this.SiteFriendlyName))
{
site.ID = this.SiteIdentifier;
site.Name = this.SiteFriendlyName;
}
// Generate file.
ASRVaultCreds vaultCreds = RecoveryServicesClient.GenerateVaultCredential(
cert,
this.Vault,
site);
string filePath = string.IsNullOrEmpty(this.Path) ? Utilities.GetDefaultPath() : this.Path;
string fileName = this.GenerateFileName();
// write the content to a file.
VaultSettingsFilePath output = new VaultSettingsFilePath()
{
FilePath = Utilities.WriteToFile <ASRVaultCreds>(vaultCreds, filePath, fileName)
};
// print the path to the user.
this.WriteObject(output, true);
}
/// <summary>
/// Gets the vault credential object
/// </summary>
/// <param name="managementCert">certificate to be uploaded</param>
/// <param name="vault">vault object</param>
/// <returns>credential object</returns>
public ASRVaultCreds GenerateVaultCredential(X509Certificate2 managementCert, ASRVault vault, ASRSite site)
{
ASRVaultCreds currentVaultContext = new ASRVaultCreds(
PSRecoveryServicesClient.asrVaultCreds.SubscriptionId,
PSRecoveryServicesClient.asrVaultCreds.ResourceName,
PSRecoveryServicesClient.asrVaultCreds.ManagementCert,
PSRecoveryServicesClient.asrVaultCreds.AcsNamespace,
PSRecoveryServicesClient.asrVaultCreds.ChannelIntegrityKey,
PSRecoveryServicesClient.asrVaultCreds.ResourceGroupName,
PSRecoveryServicesClient.asrVaultCreds.SiteId,
PSRecoveryServicesClient.asrVaultCreds.SiteName,
PSRecoveryServicesClient.asrVaultCreds.ResourceNamespace,
PSRecoveryServicesClient.asrVaultCreds.ResourceType);
string resourceProviderNamespace = string.Empty;
string resourceType = string.Empty;
Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);
// Update vault settings with the working vault to generate file
Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
{
ResourceGroupName = vault.ResourceGroupName,
ResourceName = vault.Name,
ResourceNamespace = resourceProviderNamespace,
ARMResourceType = resourceType
});
// Get Channel Integrity key
string channelIntegrityKey;
Task<string> getChannelIntegrityKey = this.GetChannelIntegrityKey();
// Making sure we can generate the file, once the SDK and portal are inter-operable
// upload certificate and fetch of ACIK can be made parallel to improvve the performace.
getChannelIntegrityKey.Wait();
// Upload certificate
UploadCertificateResponse acsDetails;
Task<UploadCertificateResponse> uploadCertificate = this.UpdateVaultCertificate(managementCert);
uploadCertificate.Wait();
acsDetails = uploadCertificate.Result;
channelIntegrityKey = getChannelIntegrityKey.Result;
ASRVaultCreds asrVaultCreds = this.GenerateCredentialObject(
managementCert,
acsDetails,
channelIntegrityKey,
vault,
site);
// Update back the original vault settings
Utilities.UpdateCurrentVaultContext(currentVaultContext);
return asrVaultCreds;
}
/// <summary>
/// Method to execute the command
/// </summary>
private void GetVaultSettingsFile()
{
AzureSubscription subscription = DefaultProfile.Context.Subscription;
// Generate certificate
X509Certificate2 cert = CertUtils.CreateSelfSignedCertificate(VaultCertificateExpiryInHoursForHRM, subscription.Id.ToString(), this.Vault.Name);
ASRSite site = new ASRSite();
if (!string.IsNullOrEmpty(this.SiteIdentifier) && !string.IsNullOrEmpty(this.SiteFriendlyName))
{
site.ID = this.SiteIdentifier;
site.Name = this.SiteFriendlyName;
}
// Generate file.
ASRVaultCreds vaultCreds = RecoveryServicesClient.GenerateVaultCredential(
cert,
this.Vault,
site);
string filePath = string.IsNullOrEmpty(this.Path) ? Utilities.GetDefaultPath() : this.Path;
string fileName = this.GenerateFileName();
// write the content to a file.
VaultSettingsFilePath output = new VaultSettingsFilePath()
{
FilePath = Utilities.WriteToFile<ASRVaultCreds>(vaultCreds, filePath, fileName)
};
// print the path to the user.
this.WriteObject(output, true);
}
/// <summary>
/// Gets the vault credential object
/// </summary>
/// <param name="managementCert">certificate to be uploaded</param>
/// <param name="vault">vault object</param>
/// <returns>credential object</returns>
public ASRVaultCreds GenerateVaultCredential(X509Certificate2 managementCert, ASRVault vault, ASRSite site)
{
ASRVaultCreds currentVaultContext = new ASRVaultCreds(
PSRecoveryServicesClient.asrVaultCreds.SubscriptionId,
PSRecoveryServicesClient.asrVaultCreds.ResourceName,
PSRecoveryServicesClient.asrVaultCreds.ManagementCert,
PSRecoveryServicesClient.asrVaultCreds.AcsNamespace,
PSRecoveryServicesClient.asrVaultCreds.ChannelIntegrityKey,
PSRecoveryServicesClient.asrVaultCreds.ResourceGroupName,
PSRecoveryServicesClient.asrVaultCreds.SiteId,
PSRecoveryServicesClient.asrVaultCreds.SiteName,
PSRecoveryServicesClient.asrVaultCreds.ResourceNamespace,
PSRecoveryServicesClient.asrVaultCreds.ResourceType);
string resourceProviderNamespace = string.Empty;
string resourceType = string.Empty;
Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);
// Update vault settings with the working vault to generate file
Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
{
ResourceGroupName = vault.ResourceGroupName,
ResourceName = vault.Name,
ResourceNamespace = resourceProviderNamespace,
ARMResourceType = resourceType
});
// Get Channel Integrity key
string channelIntegrityKey;
Task <string> getChannelIntegrityKey = this.GetChannelIntegrityKey();
// Making sure we can generate the file, once the SDK and portal are inter-operable
// upload certificate and fetch of ACIK can be made parallel to improvve the performace.
getChannelIntegrityKey.Wait();
// Upload certificate
UploadCertificateResponse acsDetails;
Task <UploadCertificateResponse> uploadCertificate = this.UpdateVaultCertificate(managementCert);
uploadCertificate.Wait();
acsDetails = uploadCertificate.Result;
channelIntegrityKey = getChannelIntegrityKey.Result;
ASRVaultCreds asrVaultCreds = this.GenerateCredentialObject(
managementCert,
acsDetails,
channelIntegrityKey,
vault,
site);
// Update back the original vault settings
Utilities.UpdateCurrentVaultContext(currentVaultContext);
return(asrVaultCreds);
}
/// <summary>
/// Method to generate the credential file content
/// </summary>
/// <param name="managementCert">management cert</param>
/// <param name="acsDetails">ACS details</param>
/// <param name="channelIntegrityKey">Integrity key</param>
/// <param name="vault">vault object</param>
/// <param name="site">site object</param>
/// <returns>vault credential object</returns>
private ASRVaultCreds GenerateCredentialObject(X509Certificate2 managementCert, UploadCertificateResponse acsDetails, string channelIntegrityKey, ASRVault vault, ASRSite site)
{
string serializedCertifivate = Convert.ToBase64String(managementCert.Export(X509ContentType.Pfx));
AcsNamespace acsNamespace = new AcsNamespace(acsDetails);
string resourceProviderNamespace = string.Empty;
string resourceType = string.Empty;
Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);
ASRVaultCreds vaultCreds = new ASRVaultCreds(
vault.SubscriptionId,
vault.Name,
serializedCertifivate,
acsNamespace,
channelIntegrityKey,
vault.ResourceGroupName,
site.ID,
site.Name,
resourceProviderNamespace,
resourceType);
return(vaultCreds);
}
/// <summary>
/// Method to generate the credential file content
/// </summary>
/// <param name="managementCert">management cert</param>
/// <param name="acsDetails">ACS details</param>
/// <param name="channelIntegrityKey">Integrity key</param>
/// <param name="vault">vault object</param>
/// <param name="site">site object</param>
/// <returns>vault credential object</returns>
private ASRVaultCreds GenerateCredentialObject(X509Certificate2 managementCert, UploadCertificateResponse acsDetails, string channelIntegrityKey, ASRVault vault, ASRSite site)
{
string serializedCertifivate = Convert.ToBase64String(managementCert.Export(X509ContentType.Pfx));
AcsNamespace acsNamespace = new AcsNamespace(acsDetails);
string resourceProviderNamespace = string.Empty;
string resourceType = string.Empty;
Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);
ASRVaultCreds vaultCreds = new ASRVaultCreds(
vault.SubscriptionId,
vault.Name,
serializedCertifivate,
acsNamespace,
channelIntegrityKey,
vault.ResouceGroupName,
site.ID,
site.Name,
resourceProviderNamespace,
resourceType);
return vaultCreds;
}
