public void OverridesDefaultAcmeServer(string environmentName) { var env = new HostingEnvironment { EnvironmentName = environmentName }; var useStaging = new LetsEncryptOptions { UseStagingServer = true, }; Assert.Equal( WellKnownServers.LetsEncryptStagingV2, useStaging.GetAcmeServer(env)); var useProduction = new LetsEncryptOptions { UseStagingServer = false, }; Assert.Equal( WellKnownServers.LetsEncryptV2, useProduction.GetAcmeServer(env)); }
private void EnsureAgreementToTermsOfServices(LetsEncryptOptions options, Uri tosUri) { if (options.AcceptTermsOfService) { return; } if (!Console.IsInputRedirected) { Console.BackgroundColor = ConsoleColor.DarkBlue; Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("By proceeding, you must agree with Let's Encrypt terms of services."); Console.WriteLine(tosUri); Console.Write("Do you accept? [Y/n] "); Console.ResetColor(); try { Console.CursorVisible = true; } catch { } var result = Console.ReadLine().Trim(); if (string.IsNullOrEmpty(result) || string.Equals("y", result, StringComparison.OrdinalIgnoreCase)) { return; } } _logger.LogError($"You must accept the terms of service to continue."); throw new InvalidOperationException("Could not automatically accept the terms of service"); }
public CertificateValidator( LetsEncryptOptions options, ILogger <CertificateValidator> logger) { _options = options; _logger = logger; }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.Configure <CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a given request. options.CheckConsentNeeded = context => true; options.MinimumSameSitePolicy = SameSiteMode.None; }); var cacheFolder = "certcache"; if (!Directory.Exists(cacheFolder)) { Directory.CreateDirectory(cacheFolder); } var leOptions = new LetsEncryptOptions { EmailAddress = "*****@*****.**", AcceptTermsOfService = true, CacheFolder = cacheFolder, Hosts = new string[] { "example.com" }, EncryptionPassword = "******", }; services.AddHttpsRedirection(options => { options.RedirectStatusCode = StatusCodes.Status307TemporaryRedirect; options.HttpsPort = 443; }); services.AddLetsEncrypt(leOptions); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2); }
public X509CertStoreTests(ITestOutputHelper output) { _output = output; _options = new LetsEncryptOptions(); _certStore = new X509CertStore(Options.Create(_options), NullLogger <X509CertStore> .Instance) { AllowInvalidCerts = true }; }
/// <summary> /// The uri to the server that implements the ACME protocol for certificate generation. /// </summary> internal static Uri GetAcmeServer(LetsEncryptOptions options, IHostEnvironment env) { var useStaging = options.UseStagingServerExplicitlySet ? options.UseStagingServer : env.IsDevelopment(); return(useStaging ? WellKnownServers.LetsEncryptStagingV2 : WellKnownServers.LetsEncryptV2); }
public CertificateStore( IOptionsMonitor <LetsEncryptOptions> options, IEnumerable <ICertificateStoreProvider> providers, ILogger <CertificateStore> logger) { _options = options.CurrentValue; options.OnChange((newOptions) => _options = newOptions); _providers = providers ?? throw new ArgumentNullException(nameof(providers)); _logger = logger ?? throw new ArgumentNullException(nameof(logger)); }
public AzureAppServiceSslBindingCertificatePersistenceStrategy( AzureOptions azureOptions, LetsEncryptOptions letsEncryptOptions, ILogger <IAzureAppServiceSslBindingCertificatePersistenceStrategy> logger) { _azureOptions = azureOptions; _letsEncryptOptions = letsEncryptOptions; _logger = logger; _client = Authenticate(); }
private static void ValidateOptions(LetsEncryptOptions options) { options.ArgNotNull(nameof(options)); // Validate options options.Email.OptionNotBlank(nameof(LetsEncryptOptions.Email)); options.Hostname.OptionNotBlank(nameof(LetsEncryptOptions.Hostname)); options.FriendlyName.OptionNotBlank(nameof(LetsEncryptOptions.FriendlyName)); // Validate authority options options.Authority?.Name.OptionNotBlank($"{nameof(LetsEncryptOptions.Authority)}.{nameof(Authority.Name)}"); options.Authority?.DirectoryUri.OptionNotBlank($"{nameof(LetsEncryptOptions.Authority)}.{nameof(Authority.DirectoryUri)}"); }
public AcmeChallengeRequester( LetsEncryptOptions options, IEnumerable <ILogger> loggers, IApplicationLifetime application, IHttpChallengeResponseStore responseStore, ICertificateSaver certificateSaver, ErrorReporter errorReporter) { _options = options; _logger = loggers.FirstOrDefault(); _application = application; _responseStore = responseStore; _certificateSaver = certificateSaver; _errorReporter = errorReporter; }
public static void AddFluffySpoonLetsEncrypt( this IServiceCollection services, LetsEncryptOptions options) { services.AddTransient <IConfigureOptions <KestrelServerOptions>, KestrelOptionsSetup>(); services.AddFluffySpoonLetsEncryptPersistenceService(); services.AddSingleton(options); services.AddSingleton <ILetsEncryptClientFactory, LetsEncryptClientFactory>(); services.AddSingleton <ICertificateValidator, CertificateValidator>(); services.AddSingleton <ICertificateProvider, CertificateProvider>(); services.AddTransient <ILetsEncryptRenewalService, LetsEncryptRenewalService>(); services.AddTransient <IHostedService, LetsEncryptRenewalService>(); }
public CertificateProvider( LetsEncryptOptions options, ICertificateValidator certificateValidator, IPersistenceService persistenceService, ILetsEncryptClientFactory clientFactory, ILogger <CertificateProvider> logger) { var domains = options.Domains?.Distinct().ToArray(); if (domains == null || domains.Length == 0) { throw new ArgumentException("Domains configuration invalid"); } _domains = domains; _persistenceService = persistenceService; _clientFactory = clientFactory; _certificateValidator = certificateValidator; _logger = logger; }
public CertificateRenewalService( CertificateSelector certificateSelector, IOptionsMonitor <LetsEncryptOptions> letsEncryptOptions, ICertificateStore certificateStore, ILetsEncryptService letsEncryptService, IOptionsMonitor <TimedHostedServiceOptions> options, IEnumerable <ITimedHostedLifeCycleHook> lifeCycleHooks, ILogger <ITimedHostedService> logger) : base(options, lifeCycleHooks, logger) { _certificateSelector = certificateSelector ?? throw new System.ArgumentNullException(nameof(certificateSelector)); _options = letsEncryptOptions.CurrentValue; letsEncryptOptions.OnChange(newOptions => _options = newOptions); _letsEncryptService = letsEncryptService ?? throw new System.ArgumentNullException(nameof(letsEncryptService)); _logger = logger ?? throw new System.ArgumentNullException(nameof(logger)); _certificateStore = certificateStore ?? throw new System.ArgumentNullException(nameof(certificateStore)); TaskToExecuteAsync = (token) => RequestCertificate(token); }
// This method gets called by the runtime. Use this method to add services to the container. // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940 public void ConfigureServices(IServiceCollection services) { var cacheFolder = "certcache"; if (!Directory.Exists(cacheFolder)) { Directory.CreateDirectory(cacheFolder); } var leOptions = new LetsEncryptOptions { EmailAddress = "*****@*****.**", AcceptTermsOfService = true, CacheFolder = cacheFolder, Hosts = new string[] { "example.com" }, EncryptionPassword = "******", }; services.AddLetsEncrypt(leOptions); services.AddProxy(); }
public void Initialize() { var persistenceService = Substitute.For <IPersistenceService>(); var options = new LetsEncryptOptions { Domains = new[] { "test.com" }, Email = "*****@*****.**", KeyAlgorithm = KeyAlgorithm.ES512, UseStaging = true, }; var certificateValidator = Substitute.For <ICertificateValidator>(); certificateValidator.IsCertificateValid(null).Returns(false); certificateValidator.IsCertificateValid(RefEq(InvalidCert)).Returns(false); certificateValidator.IsCertificateValid(RefEq(ValidCert)).Returns(true); var client = Substitute.For <ILetsEncryptClient>(); var factory = Substitute.For <ILetsEncryptClientFactory>(); factory.GetClient().Returns(Task.FromResult(client)); var sut = new CertificateProvider( options, certificateValidator, persistenceService, factory, NullLogger <CertificateProvider> .Instance); PersistenceService = persistenceService; CertificateValidator = certificateValidator; LetsEncryptClientFactory = factory; LetsEncryptClient = client; Sut = sut; }
public CertificateSelector(IOptionsMonitor <LetsEncryptOptions> options) { _options = options.CurrentValue; options.OnChange(newOptions => _options = newOptions); }
public LetsEncrypt(LetsEncryptOptions options) { Options = options.ArgNotNull(nameof(options)); }