Exemple #1
0
 public AcmeService(IAcmeConfig config, IAuthorizationChallengeProvider authorizeChallengeProvider)
 {
     this.baseURI    = config.BaseUri ?? (config.UseProduction ? "https://acme-v01.api.letsencrypt.org/" : "https://acme-staging.api.letsencrypt.org/");
     this.configPath = ConfigPath(this.baseURI);
     this.config     = config;
     this.authorizeChallengeProvider = authorizeChallengeProvider;
 }
Exemple #2
0
 public CertificateManager(IAzureWebAppEnvironment settings, IAcmeConfig acmeConfig, ICertificateService certificateService, IAuthorizationChallengeProvider challengeProvider)
 {
     this.settings           = settings;
     this.certificateService = certificateService;
     this.acmeConfig         = acmeConfig;
     this.challengeProvider  = challengeProvider;
 }
Exemple #3
0
        internal async Task <CertificateInstallModel> RequestAndInstallInternalAsync(IAcmeConfig config)
        {
            Trace.TraceInformation("RequestAndInstallInternal");
            var model = await RequestInternalAsync(config);

            this.certificateService.Install(model);
            return(model);
        }
Exemple #4
0
        private static async Task ValidateResponse(IAcmeConfig acmeConfig, HttpResponseMessage res)
        {
            var bodyResp = await res.Content.ReadAsStringAsync();

            Console.WriteLine(bodyResp);
            Assert.AreEqual(System.Net.HttpStatusCode.OK, res.StatusCode);

            var certificateModel = JsonConvert.DeserializeObject <CertificateInstallModel>(bodyResp);
            var cert             = new X509Certificate(certificateModel.CertificateInfo.PfxCertificate, acmeConfig.PFXPassword);

            Assert.IsTrue(cert.Subject.Contains(acmeConfig.Host));
            File.WriteAllBytes(acmeConfig.Host + ".pfx", certificateModel.CertificateInfo.PfxCertificate);
        }
Exemple #5
0
 /// <summary>
 /// For backwards compatability
 /// </summary>
 /// <param name="config"></param>
 public CertificateManager(AppSettingsAuthConfig config)
 {
     this.settings          = config;
     this.acmeConfig        = config;
     this.challengeProvider = new KuduFileSystemAuthorizationChallengeProvider(this.settings, new AuthorizationChallengeProviderConfig()
     {
         DisableWebConfigUpdate = config.DisableWebConfigUpdate
     });
     this.certificateService = new CertificateService(this.settings, new CertificateServiceSettings()
     {
         UseIPBasedSSL = config.UseIPBasedSSL
     });
 }
Exemple #6
0
        internal async Task <CertificateInstallModel> RequestInternalAsync(IAcmeConfig config)
        {
            var service = new AcmeService(config, this.challengeProvider);

            var cert = await service.RequestCertificate();

            var model = new CertificateInstallModel()
            {
                CertificateInfo   = cert,
                AllDnsIdentifiers = config.Hostnames.ToList(),
                Host = config.Host,
            };

            return(model);
        }
Exemple #7
0
        internal async Task <CertificateInstallModel> RequestAndInstallInternalAsync(IAcmeConfig config)
        {
            Trace.TraceInformation("RequestAndInstallInternal");
            try
            {
                var model = await RequestInternalAsync(config);

                await this.certificateService.Install(model);

                return(model);
            }
            catch (Exception e)
            {
                Console.WriteLine($"Error during Request or install certificate {e.ToString()}");
                Trace.TraceError($"Error during Request or install certificate {e.ToString()}");
                throw;
            }
        }
Exemple #8
0
        /// <summary>
        /// For backwards compatability
        /// </summary>
        /// <param name="config"></param>
        public CertificateManager(AppSettingsAuthConfig config)
        {
            this.settings   = config;
            this.acmeConfig = config;
            string storageAccount = AuthorizationChallengeBlobStorageAccount();

            if (string.IsNullOrEmpty(storageAccount))
            {
                this.challengeProvider = new KuduFileSystemAuthorizationChallengeProvider(this.settings, new AuthorizationChallengeProviderConfig()
                {
                    DisableWebConfigUpdate = config.DisableWebConfigUpdate
                });
            }
            else
            {
                this.challengeProvider = NewBlobStorageAuthorizationChallengeProvider();
            }
            this.certificateService = new WebAppCertificateService(this.settings, new CertificateServiceSettings()
            {
                UseIPBasedSSL = config.UseIPBasedSSL
            });
        }
Exemple #9
0
        public AcmeService(IAcmeConfig config, IAuthorizationChallengeProvider authorizeChallengeProvider)
        {
            if (string.IsNullOrEmpty(config.BaseUri))
            {
                this.acmeenvironment = (config.UseProduction ? WellKnownServers.LetsEncryptV2 : WellKnownServers.LetsEncryptStagingV2);
            }
            else
            {
                this.acmeenvironment = new Uri(config.BaseUri);
            }

            if (string.Equals(this.acmeenvironment.Host, "acme-v01.api.letsencrypt.org", StringComparison.InvariantCultureIgnoreCase) ||
                string.Equals(this.acmeenvironment.Host, "acme-staging.api.letsencrypt.org", StringComparison.InvariantCultureIgnoreCase))
            {
                throw new ArgumentException($"Please use let's encrypt version 2 API, baseUri was set to {this.acmeenvironment}");
            }


            this.configPath = ConfigPath(this.acmeenvironment.AbsoluteUri);
            this.config     = config;
            this.authorizeChallengeProvider = authorizeChallengeProvider;
        }
Exemple #10
0
        internal async Task <string> RequestAndInstallInternalAsync(IAcmeConfig config)
        {
            try
            {
                Trace.TraceInformation("RequestAndInstallInternal");
                var service = new AcmeService(config, this.challengeProvider);

                var cert = await service.RequestCertificate();

                this.certificateService.Install(new CertificateInstallModel()
                {
                    CertificateInfo   = cert,
                    AllDnsIdentifiers = config.Hostnames.ToList(),
                    Host = config.Host,
                });
                return(cert.Certificate.Thumbprint);
            }
            catch (Exception ex)
            {
                Trace.TraceError("Unabled to create Azure Web Site Management client " + ex.ToString());
                throw;
            }
        }
Exemple #11
0
 /// <summary>
 /// Returns a <see cref="CertificateManager"/> configured to use HTTP Challenge, placing the challenge file on Azure Web App
 /// using Kudu, and assigning the obtained certificate directly to the web app service.
 /// </summary>
 /// <param name="settings"></param>
 /// <param name="acmeConfig"></param>
 /// <param name="certSettings"></param>
 /// <param name="authProviderConfig"></param>
 /// <returns></returns>
 public static CertificateManager CreateKuduWebAppCertificateManager(IAzureWebAppEnvironment settings, IAcmeConfig acmeConfig, IWebAppCertificateSettings certSettings, IAuthorizationChallengeProviderConfig authProviderConfig)
 {
     return(new CertificateManager(settings, acmeConfig, new WebAppCertificateService(settings, certSettings), new KuduFileSystemAuthorizationChallengeProvider(settings, authProviderConfig)));
 }
Exemple #12
0
 /// <summary>
 /// Returns a <see cref="CertificateManager"/> configured to use HTTP Challenge, placing the challenge file on Azure Blob Storage,
 /// and assigning the obtained certificate directly to the web app service.
 /// </summary>
 /// <param name="settings"></param>
 /// <param name="acmeConfig"></param>
 /// <param name="certSettings"></param>
 /// <returns></returns>
 public static CertificateManager CreateBlobWebAppCertificateManager(IAzureWebAppEnvironment settings, IAcmeConfig acmeConfig, IWebAppCertificateSettings certSettings)
 {
     return(new CertificateManager(settings, acmeConfig, new WebAppCertificateService(settings, certSettings), NewBlobStorageAuthorizationChallengeProvider()));
 }
Exemple #13
0
 public CertificateManager(IAzureEnvironment settings, IAcmeConfig acmeConfig, ICertificateServiceSettings certSettings, IAuthorizationChallengeProviderConfig authProviderConfig)
     : this(settings, acmeConfig, new CertificateService(settings, certSettings), new KuduFileSystemAuthorizationChallengeProvider(settings, authProviderConfig))
 {
 }
Exemple #14
0
 /// <summary>
 /// Request a certificate from lets encrypt using the DNS challenge, placing the challenge record in Azure DNS.
 /// The certifiacte is not assigned, but just returned.
 /// </summary>
 /// <param name="azureDnsEnvironment"></param>
 /// <param name="acmeConfig"></param>
 /// <returns></returns>
 public static async Task <CertificateInstallModel> RequestDnsChallengeCertificate(IAzureDnsEnvironment azureDnsEnvironment, IAcmeConfig acmeConfig)
 {
     return(await new CertificateManager(null, acmeConfig, null, new AzureDnsAuthorizationChallengeProvider(azureDnsEnvironment)).RequestInternalAsync(acmeConfig));
 }
Exemple #15
0
 /// <summary>
 /// Returns a <see cref="CertificateManager"/> configured to use DNS Challenge, placing the challenge record in Azure DNS,
 /// and assigning the obtained certificate directly to the web app service.
 /// </summary>
 /// <param name="settings"></param>
 /// <param name="acmeConfig"></param>
 /// <param name="certSettings"></param>
 /// <param name="dnsEnvironment"></param>
 /// <returns></returns>
 public static CertificateManager CreateAzureDnsWebAppCertificateManager(IAzureWebAppEnvironment settings, IAcmeConfig acmeConfig, IWebAppCertificateSettings certSettings, IAzureDnsEnvironment dnsEnvironment)
 {
     return(new CertificateManager(settings, acmeConfig, new WebAppCertificateService(settings, certSettings), new AzureDnsAuthorizationChallengeProvider(dnsEnvironment)));
 }
Exemple #16
0
 internal CertificateInstallModel RequestAndInstallInternal(IAcmeConfig config)
 {
     return(RequestAndInstallInternalAsync(config).GetAwaiter().GetResult());
 }
Exemple #17
0
 internal string RequestAndInstallInternal(IAcmeConfig config)
 {
     return(RequestAndInstallInternalAsync(config).GetAwaiter().GetResult());
 }