public void IssueCertificate( string id, string issuerId, DateTimeOffset startDate, DateTimeOffset endDate, string requestExtensions, string extensions, int keyLengthInBits = 2048, string signatureAlgorithm = SignatureAlgorithm.Sha256) { Console.Write($"Issuing certificate {id}..."); var context = new IssueCertificateContext( id, issuerId, requestExtensions, extensions, keyLengthInBits, startDate, endDate, signatureAlgorithm, this); Directory.CreateDirectory(OnlineDirectoryPath); Directory.CreateDirectory(context.NewCertsDirectoryPath); GeneratePrivateKey(context); CreateCertificateSigningRequest(context); FulfillCertificateSigningRequest(context); GeneratePfx(context); GenerateX509(context); Console.WriteLine(" done."); }
private void CreateCertificateSigningRequest(IssueCertificateContext context) { if (!string.IsNullOrWhiteSpace(context.Extensions) && context.Extensions.EndsWith("ca_certificate")) { File.WriteAllText(Path.Combine(OutputDirectoryPath, $"{context.Id}.database"), string.Empty); File.WriteAllText(Path.Combine(OutputDirectoryPath, $"{context.Id}.database.attr"), string.Empty); File.WriteAllText(Path.Combine(OutputDirectoryPath, $"{context.Id}.crlnumber"), "1000"); File.WriteAllText(Path.Combine(OutputDirectoryPath, $"{context.Id}.serialnumber"), "01"); } var arguments = new List <string> { "req", "-new", "-key", context.PrivateKeyFilePath, "-out", context.CertificateRequestFilePath, "-config", context.ConfigFilePath, }; if (!string.IsNullOrWhiteSpace(context.RequestExtensions)) { arguments.Add("-reqexts"); arguments.Add(context.RequestExtensions); } Execute(context, arguments.ToArray()); }
private void GeneratePrivateKey(IssueCertificateContext context) { File.Delete(context.PrivateKeyFilePath); var arguments = new List <string> { "genrsa", "-out", context.PrivateKeyFilePath, context.KeyLengthInBits.ToString(), }; Execute(context, arguments.ToArray()); }
private void GeneratePfx(IssueCertificateContext context) { var arguments = new List <string> { "pkcs12", "-export", "-in", context.CertificatePemFilePath, "-inkey", context.PrivateKeyFilePath, "-out", context.CertificatePfxFilePath, "-passout", "pass:", }; Execute(context, arguments.ToArray()); }
private void GenerateX509(IssueCertificateContext context) { var arguments = new List <string> { "x509", "-in", context.CertificatePemFilePath, "-out", context.CertificateCrtFilePath, "-outform", "der", }; Execute(context, arguments.ToArray()); File.Copy( context.CertificateCrtFilePath, Path.Combine(OnlineDirectoryPath, Path.GetFileName(context.CertificateCrtFilePath))); }
private void FulfillCertificateSigningRequest(IssueCertificateContext context) { var arguments = new List <string> { "ca", "-batch", "-in", context.CertificateRequestFilePath, "-out", context.CertificatePemFilePath, "-startdate", FormatDate(context.StartDate), "-enddate", FormatDate(context.EndDate), "-md", context.SignatureAlgorithm, "-extensions", context.Extensions, "-extfile", context.ConfigFilePath, "-config", context.ConfigFilePath, "-notext", }; if (context.Id == context.IssuerId) { arguments.Add("-selfsign"); } Execute(context, arguments.ToArray()); }