public ServiceData(string domain, AllowedServices flags) { this.domain = domain; this.thumbprint = null; this.flag = flags; this.iisServices = new List <IisService>(); }
protected void EnableForServices(X509Certificate2 cert, AllowedServices services) { try { ManageExchangeCertificate.EnableForServices(cert, services, this.webSiteName, !this.DoNotRequireSsl, (ITopologyConfigurationSession)base.DataSession, this.localServer, null, false, this.NetworkServiceAllowed); } catch (IISNotInstalledException) { base.WriteError(new ArgumentException(Strings.IISNotInstalled, "Services"), ErrorCategory.InvalidArgument, null); } catch (InvalidOperationException exception) { base.WriteError(exception, ErrorCategory.ObjectNotFound, null); } catch (LocalizedException exception2) { base.WriteError(exception2, ErrorCategory.NotSpecified, null); } }
protected override void InternalProcessRecord() { X509Certificate2 x509Certificate = null; if (!string.IsNullOrEmpty(this.thumbprint)) { this.thumbprint = ManageExchangeCertificate.UnifyThumbprintFormat(this.thumbprint); x509Certificate = this.FindCertificate(this.thumbprint); if (x509Certificate == null) { base.WriteError(new ArgumentException(Strings.CertificateNotFound(this.thumbprint), "Thumbprint"), ErrorCategory.InvalidArgument, this.thumbprint); } } else { AllowedServices allowedServices = this.Services; if (allowedServices != AllowedServices.IIS && allowedServices != (AllowedServices.IMAP | AllowedServices.POP | AllowedServices.IIS)) { if (allowedServices != AllowedServices.SMTP) { return; } } else { x509Certificate = this.FindIisCertificate(); } if (x509Certificate == null && this.Services != AllowedServices.SMTP) { try { x509Certificate = InstallExchangeCertificate.GetDefaultCertificate(); } catch (ArgumentException exception) { base.WriteError(exception, ErrorCategory.InvalidData, null); return; } } if (x509Certificate == null) { if (!this.rawDomains.Any <string>()) { base.WriteError(new UnableToResolveValidDomainExchangeCertificateTasksException(ComputerInformation.DnsHostName, ComputerInformation.DnsPhysicalHostName, ComputerInformation.DnsFullyQualifiedDomainName, ComputerInformation.DnsPhysicalFullyQualifiedDomainName), ErrorCategory.InvalidOperation, null); } try { x509Certificate = this.GenerateSelfSignedCertificate(); } catch (CryptographicException exception2) { base.WriteError(exception2, ErrorCategory.InvalidOperation, null); } } if (x509Certificate != null && this.InstallInTrustedRootCAIfSelfSigned && TlsCertificateInfo.IsSelfSignedCertificate(x509Certificate)) { TlsCertificateInfo.TryInstallCertificateInTrustedRootCA(x509Certificate); } } base.WriteVerbose(Strings.CertificateInformation(x509Certificate.Issuer, x509Certificate.NotBefore, x509Certificate.NotAfter, x509Certificate.Subject)); if ((DateTime)ExDateTime.Now < x509Certificate.NotBefore || (DateTime)ExDateTime.Now > x509Certificate.NotAfter) { base.WriteError(new CryptographicException(Strings.CertificateStatusDateInvalid), ErrorCategory.InvalidData, null); } try { this.EnableForServices(x509Certificate, this.Services); } catch (IISNotInstalledException) { base.WriteError(new ArgumentException(Strings.IISNotInstalled, "Services"), ErrorCategory.InvalidArgument, null); } catch (InvalidOperationException exception3) { base.WriteError(exception3, ErrorCategory.ObjectNotFound, null); } }
protected override void InternalProcessRecord() { base.InternalProcessRecord(); if (base.HasErrors) { return; } ExchangeCertificateRpcVersion exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1; byte[] outputBlob = null; try { byte[] inBlob = this.inputParams.SerializeInputParameters(ExchangeCertificateRpcVersion.Version2); ExchangeCertificateRpcClient2 exchangeCertificateRpcClient = new ExchangeCertificateRpcClient2(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient.CreateCertificate2(0, inBlob); exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version2; } catch (RpcException) { exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1; } if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1) { try { byte[] inBlob2 = this.inputParams.SerializeInputParameters(ExchangeCertificateRpcVersion.Version1); ExchangeCertificateRpcClient exchangeCertificateRpcClient2 = new ExchangeCertificateRpcClient(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient2.CreateCertificate(0, inBlob2); } catch (RpcException e) { ManageExchangeCertificate.WriteRpcError(e, this.serverObject.Name, new Task.TaskErrorLoggingDelegate(base.WriteError)); } } ExchangeCertificateRpc exchangeCertificateRpc = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob); ExchangeCertificateRpc.OutputTaskMessages(this.serverObject, exchangeCertificateRpc, new Task.TaskWarningLoggingDelegate(this.WriteWarning), new Task.TaskErrorLoggingDelegate(base.WriteError)); if (this.GenerateRequest) { this.ProcessRequestResults(exchangeCertificateRpc.ReturnCert, exchangeCertificateRpc.ReturnCertRequest); return; } if (exchangeCertificateRpc.ReturnConfirmationList != null) { foreach (KeyValuePair <AllowedServices, LocalizedString> keyValuePair in exchangeCertificateRpc.ReturnConfirmationList) { if (base.ShouldContinue(keyValuePair.Value)) { ExchangeCertificateRpc exchangeCertificateRpc2 = new ExchangeCertificateRpc(); exchangeCertificateRpc2.EnableAllowConfirmation = false; exchangeCertificateRpc2.EnableServices = keyValuePair.Key; AllowedServices key = keyValuePair.Key; if (key == AllowedServices.SMTP) { exchangeCertificateRpc2.EnableUpdateAD = true; } exchangeCertificateRpc2.EnableByThumbprint = exchangeCertificateRpc.ReturnCert.Thumbprint; try { byte[] inBlob3 = exchangeCertificateRpc2.SerializeInputParameters(exchangeCertificateRpcVersion); if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1) { ExchangeCertificateRpcClient exchangeCertificateRpcClient3 = new ExchangeCertificateRpcClient(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient3.EnableCertificate(0, inBlob3); } else { ExchangeCertificateRpcClient2 exchangeCertificateRpcClient4 = new ExchangeCertificateRpcClient2(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient4.EnableCertificate2(0, inBlob3); } exchangeCertificateRpc.ReturnCert.Services |= keyValuePair.Key; } catch (RpcException e2) { ManageExchangeCertificate.WriteRpcError(e2, this.serverObject.Name, new Task.TaskErrorLoggingDelegate(base.WriteError)); } ExchangeCertificateRpc outputValues = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob); ExchangeCertificateRpc.OutputTaskMessages(this.serverObject, outputValues, new Task.TaskWarningLoggingDelegate(this.WriteWarning), new Task.TaskErrorLoggingDelegate(base.WriteError)); } } } exchangeCertificateRpc.ReturnCert.Identity = this.serverObject.Fqdn + "\\" + exchangeCertificateRpc.ReturnCert.Thumbprint; base.WriteObject(exchangeCertificateRpc.ReturnCert); }
protected override void InternalProcessRecord() { base.InternalProcessRecord(); if (base.HasErrors) { return; } ExchangeCertificateRpc exchangeCertificateRpc = new ExchangeCertificateRpc(); exchangeCertificateRpc.EnableByThumbprint = this.Thumbprint; exchangeCertificateRpc.EnableServices = this.Services; exchangeCertificateRpc.RequireSsl = !this.DoNotRequireSsl; exchangeCertificateRpc.EnableAllowConfirmation = !this.Force; exchangeCertificateRpc.EnableNetworkService = this.NetworkServiceAllowed; ExchangeCertificateRpcVersion exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1; byte[] outputBlob = null; try { byte[] inBlob = exchangeCertificateRpc.SerializeInputParameters(ExchangeCertificateRpcVersion.Version2); ExchangeCertificateRpcClient2 exchangeCertificateRpcClient = new ExchangeCertificateRpcClient2(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient.EnableCertificate2(0, inBlob); exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version2; } catch (RpcException) { exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1; } if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1) { try { byte[] inBlob2 = exchangeCertificateRpc.SerializeInputParameters(exchangeCertificateRpcVersion); ExchangeCertificateRpcClient exchangeCertificateRpcClient2 = new ExchangeCertificateRpcClient(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient2.EnableCertificate(0, inBlob2); } catch (RpcException e) { ManageExchangeCertificate.WriteRpcError(e, this.serverObject.Name, new Task.TaskErrorLoggingDelegate(base.WriteError)); } } ExchangeCertificateRpc exchangeCertificateRpc2 = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob); ExchangeCertificateRpc.OutputTaskMessages(this.serverObject, exchangeCertificateRpc2, new Task.TaskWarningLoggingDelegate(this.WriteWarning), new Task.TaskErrorLoggingDelegate(base.WriteError)); if (exchangeCertificateRpc2.ReturnConfirmationList != null) { foreach (KeyValuePair <AllowedServices, LocalizedString> keyValuePair in exchangeCertificateRpc2.ReturnConfirmationList) { if (base.ShouldContinue(keyValuePair.Value)) { ExchangeCertificateRpc exchangeCertificateRpc3 = new ExchangeCertificateRpc(); exchangeCertificateRpc3.EnableAllowConfirmation = false; exchangeCertificateRpc3.EnableByThumbprint = this.Thumbprint; exchangeCertificateRpc3.RequireSsl = !this.DoNotRequireSsl; exchangeCertificateRpc3.EnableNetworkService = this.NetworkServiceAllowed; exchangeCertificateRpc3.EnableServices = keyValuePair.Key; AllowedServices key = keyValuePair.Key; if (key == AllowedServices.SMTP) { exchangeCertificateRpc3.EnableUpdateAD = true; } try { byte[] inBlob3 = exchangeCertificateRpc3.SerializeInputParameters(exchangeCertificateRpcVersion); if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1) { ExchangeCertificateRpcClient exchangeCertificateRpcClient3 = new ExchangeCertificateRpcClient(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient3.EnableCertificate(0, inBlob3); } else { ExchangeCertificateRpcClient2 exchangeCertificateRpcClient4 = new ExchangeCertificateRpcClient2(this.serverObject.Name); outputBlob = exchangeCertificateRpcClient4.EnableCertificate2(0, inBlob3); } } catch (RpcException e2) { ManageExchangeCertificate.WriteRpcError(e2, this.serverObject.Name, new Task.TaskErrorLoggingDelegate(base.WriteError)); } exchangeCertificateRpc2 = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob); ExchangeCertificateRpc.OutputTaskMessages(this.serverObject, exchangeCertificateRpc2, new Task.TaskWarningLoggingDelegate(this.WriteWarning), new Task.TaskErrorLoggingDelegate(base.WriteError)); } } } }
internal Dictionary <RpcOutput, object> BuildOutputParameters(byte[] blob) { Dictionary <RpcOutput, object> dictionary = new Dictionary <RpcOutput, object>(); object[] array = (object[])this.DeserializeObject(blob, false); for (int i = 0; i < array.Length; i += 2) { RpcOutput rpcOutput = (RpcOutput)this.DeserializeObject((byte[])array[i], true); object obj = this.DeserializeObject((byte[])array[i + 1], true); if (obj != null) { RpcOutput rpcOutput2 = rpcOutput; switch (rpcOutput2) { case RpcOutput.ExchangeCertList: { List <ExchangeCertificate> list = new List <ExchangeCertificate>(); foreach (object obj2 in (object[])obj) { list.Add(new ExchangeCertificate((object[])this.DeserializeObject((byte[])obj2, true))); } obj = list; break; } case RpcOutput.ExchangeCert: obj = new ExchangeCertificate((object[])obj); break; default: switch (rpcOutput2) { case RpcOutput.TaskWarningList: { List <LocalizedString> list2 = new List <LocalizedString>(); foreach (object obj3 in (object[])obj) { list2.Add((LocalizedString)this.DeserializeObject((byte[])obj3, true)); } obj = list2; break; } case RpcOutput.TaskConfirmationList: { object[] array4 = (object[])obj; Dictionary <AllowedServices, LocalizedString> dictionary2 = new Dictionary <AllowedServices, LocalizedString>(); for (int l = 0; l < array4.Length; l += 2) { AllowedServices key = (AllowedServices)this.DeserializeObject((byte[])array4[l], true); LocalizedString value = (LocalizedString)this.DeserializeObject((byte[])array4[l + 1], true); dictionary2[key] = value; } obj = dictionary2; break; } } break; } } dictionary[rpcOutput] = obj; } return(dictionary); }
internal static Dictionary <AllowedServices, LocalizedString> EnableForServices(X509Certificate2 cert, AllowedServices services, string websiteName, bool requireSsl, ITopologyConfigurationSession dataSession, Server server, List <LocalizedString> warningList, bool allowConfirmation, bool forceNetworkService) { Dictionary <AllowedServices, LocalizedString> dictionary = new Dictionary <AllowedServices, LocalizedString>(3); if (dataSession == null) { throw new ArgumentNullException("dataSession"); } if (server == null) { throw new ArgumentNullException("server"); } if ((services & AllowedServices.IIS) != AllowedServices.None) { if (allowConfirmation && !IisUtility.SslRequiredOnTheRoot(null) && requireSsl) { dictionary[AllowedServices.IIS] = Strings.ConfirmEnforceRequireSslOnRoot; } else { IisUtility.SetSslCertificateByName(websiteName, cert, requireSsl); } } if ((services & AllowedServices.POP) != AllowedServices.None || (services & AllowedServices.IMAP) != AllowedServices.None || (services & AllowedServices.SMTP) != AllowedServices.None || forceNetworkService) { AccessRule rule = new CryptoKeyAccessRule(new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null), CryptoKeyRights.GenericRead, AccessControlType.Allow); try { TlsCertificateInfo.AddAccessRule(cert, rule); } catch (CryptographicException innerException) { throw new AddAccessRuleCryptographicException(cert.Thumbprint, innerException); } catch (ArgumentException innerException2) { throw new AddAccessRuleArgumentException(cert.Thumbprint, innerException2); } catch (UnauthorizedAccessException innerException3) { throw new AddAccessRuleUnauthorizedAccessException(cert.Thumbprint, innerException3); } catch (COMException innerException4) { throw new AddAccessRuleCOMException(cert.Thumbprint, innerException4); } } if ((services & AllowedServices.SMTP) != AllowedServices.None) { ManageExchangeCertificate.WarnIfNotBestMatch(new ExchangeCertificate(cert), dataSession, server, warningList); LocalizedString localizedString = ManageExchangeCertificate.UpdateActiveDirectory(cert, dataSession, server, warningList, allowConfirmation); if (localizedString != LocalizedString.Empty) { dictionary[AllowedServices.SMTP] = localizedString; } } if ((services & AllowedServices.POP) != AllowedServices.None) { ManageExchangeCertificate.SetPop3Certificate(cert, dataSession, warningList); } if ((services & AllowedServices.IMAP) != AllowedServices.None) { ManageExchangeCertificate.SetImap4Certificate(cert, dataSession, warningList); } if ((services & AllowedServices.UM) != AllowedServices.None) { ManageExchangeCertificate.SetUMCertificate(cert, server, dataSession, allowConfirmation, dictionary, warningList); } if ((services & AllowedServices.UMCallRouter) != AllowedServices.None) { ManageExchangeCertificate.SetUMCallRouterCertificate(cert, server, dataSession, allowConfirmation, dictionary, warningList); } if (dictionary.Count <= 0) { return(null); } return(dictionary); }
internal static Dictionary <AllowedServices, LocalizedString> EnableForServices(X509Certificate2 cert, AllowedServices services, bool requireSsl, ITopologyConfigurationSession dataSession, Server server, List <LocalizedString> warningList, bool allowConfirmation, bool forceNetworkService) { return(ManageExchangeCertificate.EnableForServices(cert, services, null, requireSsl, dataSession, server, warningList, allowConfirmation, forceNetworkService)); }