public virtual async Task AcmeGetChallengeFileRequestHandler(HttpRequest request, HttpResponse response, RouteData routeData) { try { AcmeAccount?currentAccount = GlobalCertVault.GetAcmeAccountForChallengeResponse(); string retStr; if (currentAccount == null) { retStr = "Error: GlobalCertVault.GetAcmeAccountForChallengeResponse() == null"; } else { string token = routeData.Values._GetStr("token"); retStr = currentAccount.ProcessChallengeRequest(token); } await response._SendStringContents(retStr, Consts.MimeTypes.OctetStream); } catch (Exception ex) { ex._Debug(); throw; } }
async Task AcmeIssueAsync(AcmeAccount account, string fqdn, FilePath crtFileName, CancellationToken cancel) { cancel.ThrowIfCancellationRequested(); AcmeOrder order = await account.NewOrderAsync(fqdn, cancel); if (this.IsGlobalCertVault) { GlobalCertVault.SetAcmeAccountForChallengeResponse(account); } CertificateStore store = await order.FinalizeAsync(this.AcmeCertKey !, cancel); IsAcmeCertUpdated = true; store.ExportChainedPem(out ReadOnlyMemory <byte> certData, out _); crtFileName.WriteDataToFile(certData, additionalFlags: FileFlags.AutoCreateDirectory); }
public void ConfigureKestrelServerOptions(KestrelServerOptions opt, object?sslCertSelectorParam) { opt.AddServerHeader = !this.HideKestrelServerHeader; KestrelServerWithStackOptions?withStackOpt = opt as KestrelServerWithStackOptions; if (this.LocalHostOnly) { foreach (int port in this.HttpPortsList) { opt.ListenLocalhost(port); } foreach (int port in this.HttpsPortsList) { opt.ListenLocalhost(port, lo => EnableHttps(lo)); } } else if (this.IPv4Only) { foreach (int port in this.HttpPortsList) { opt.Listen(IPAddress.Any, port); } foreach (int port in this.HttpsPortsList) { opt.Listen(IPAddress.Any, port, lo => EnableHttps(lo)); } } else { foreach (int port in this.HttpPortsList) { opt.ListenAnyIP(port); } foreach (int port in this.HttpsPortsList) { opt.ListenAnyIP(port, lo => EnableHttps(lo)); } } opt.Limits.MaxRequestBodySize = this.MaxRequestBodySize; if (withStackOpt != null) { // Kestrel with Stack withStackOpt.TcpIp = this.TcpIp ?? LocalNet; } void EnableHttps(ListenOptions listenOptions) { listenOptions.UseHttps(httpsOptions => { httpsOptions.SslProtocols = SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12; bool useGlobalCertVault = false; #if CORES_BASIC_JSON #if CORES_BASIC_SECURITY useGlobalCertVault = this.UseGlobalCertVault; #endif // CORES_BASIC_JSON #endif // CORES_BASIC_SECURITY; if (useGlobalCertVault == false) { if (this.ServerCertSelector != null) { httpsOptions.ServerCertificateSelector = ((ctx, sni) => this.ServerCertSelector(sslCertSelectorParam, sni)); } } #if CORES_BASIC_JSON #if CORES_BASIC_SECURITY if (useGlobalCertVault) { if (this.GlobalCertVaultDefauleCert != null) { GlobalCertVault.SetDefaultCertificate(this.GlobalCertVaultDefauleCert); } httpsOptions.ServerCertificateSelector = ((ctx, sni) => (X509Certificate2)GlobalCertVault.GetGlobalCertVault().X509CertificateSelector(sni, !this.HasHttpPort80).NativeCertificate); } #endif // CORES_BASIC_JSON #endif // CORES_BASIC_SECURITY; }); } }