/// <summary>
/// Save certificate in the right place, either to the certifcate store
/// or to the central ssl store
/// </summary>
/// <param name="bindings">For which bindings is this certificate meant</param>
/// <param name="certificate">The certificate itself</param>
/// <param name="certificatePfx">The location of the PFX file in the local filesystem.</param>
/// <param name="store">Certificate store to use when saving to one</param>
public static X509Store SaveCertificate(List <string> bindings, X509Certificate2 certificate, FileInfo certificatePfx = null)
{
if (_options.CentralSsl)
{
_log.Information("Copying certificate to the Central SSL store");
_centralSslService.InstallCertificate(bindings, certificate, certificatePfx);
return(null);
}
else
{
_log.Information("Installing certificate in the certificate store");
return(_certificateStoreService.InstallCertificate(certificate));
}
}
private void Execute()
{
Log.Initialize(_options);
// no valid cert installed, no valid cert on disk => Authorize a new certificate
// no valid cert installed, valid cert on disk => install current certificate
// valid cert installed, less then 60 days old => no action
// valid cert installed, more then 60 days old => Authorize a new certificate
CertificateStatus status = _acmeCertificateService.IsCurrentCertificateValid();
try
{
//--renew is more important than --installonly
if ((!_options.InstallOnly || _options.Renew) && status != CertificateStatus.OK)
{
_acmeClient.Initialize();
_acmeCertificateService.RetrieveNewCertificate();
}
}
catch (Exception e)
{
Log.Error(e.ToString());
}
finally
{
if (!_options.DoNotBlockHttp)
{
_firewallService.BlockHttpPort();
}
}
_certificateStoreService.InstallCertificate(status);
if (!_options.Renew)
{
_renewalService.ScheduleRenewTask();
}
}
