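// Issues a server (SSL) certificate for the requested hostnames and returns it to the
// caller as a PFX file download.
//
// Parameters (all bound from the query string):
//   commonName     - subject common name; when empty it is derived from the first hostname.
//   password       - password handed to the service for the PFX; when empty a fixed fallback is used.
//   hostname       - host names placed in the request; at least one is required.
//   ipAddress      - optional IP addresses placed in the request.
//   filename       - file name offered to the client for the download.
//   validityInDays - requested lifetime in days; must be at least 1.
//
// Returns 400 Bad Request for a missing hostname or a non-positive lifetime, otherwise the
// PFX bytes as application/octet-stream.
//
// NOTE(review): the PFX password travels in the query string, where it commonly ends up in
// access logs, proxy logs and browser history. Moving it to the request body or a header
// needs an interface change and is not done here.
// NOTE(review): no authorization attribute is visible in this excerpt. Confirm the action is
// restricted to authenticated, authorized callers, because the hostnames and IP addresses
// are passed to the service exactly as supplied.
public IActionResult IssueCertificate([FromQuery] string commonName, [FromQuery] string password, [FromQuery] string[] hostname, [FromQuery] string[] ipAddress, [FromQuery] string filename = "certificate.pfx", [FromQuery] int validityInDays = 364)
{
    if (hostname.IsNullOrEmpty())
    {
        return BadRequest("At least one hostname is required");
    }

    // A zero or negative lifetime cannot describe a usable certificate; reject it up front
    // instead of issuing one that is already expired.
    // NOTE(review): no upper bound is enforced. If the CA has a maximum-lifetime policy,
    // cap validityInDays to it here.
    if (validityInDays < 1)
    {
        return BadRequest("validityInDays must be at least 1");
    }

    if (commonName.IsNullOrEmpty())
    {
        commonName = $"SSL Certificate ({hostname.First()})";
    }

    if (password.IsNullOrEmpty())
    {
        // NOTE(review): fixed fallback password (shown masked in the source). A constant that
        // every caller can know gives the private key in the PFX no real protection;
        // consider requiring a caller-supplied password instead.
        password = "******";
    }

    if (ipAddress.IsNullOrEmpty())
    {
        ipAddress = new string[0];
    }

    var request = new PfxCertificateRequest
    {
        CommonName = commonName,
        Hostnames = hostname.ToList(),
        IpAddresses = ipAddress.ToList(),
        Password = password,
        ValidtyInDays = validityInDays
    };

    byte[] certificate = service.GenerateSslCertificate(request);
    return File(certificate, MediaTypeNames.Application.Octet, filename);
}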
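// Issues a client certificate for the given common name, records it in the store and
// returns it to the caller as "<commonName>.pfx".
//
// Parameters (both bound from the query string):
//   commonName - subject common name; required. Also used to build the download file name.
//   password   - password handed to the service for the PFX; when empty a fixed fallback is used.
//
// Returns 400 Bad Request when commonName is missing, otherwise the PFX bytes as
// application/octet-stream.
//
// NOTE(review): the PFX password travels in the query string, where it commonly ends up in
// access logs, proxy logs and browser history.
// NOTE(review): no authorization attribute is visible in this excerpt. Confirm the action is
// restricted to authorized callers, since commonName is accepted exactly as supplied.
public IActionResult IssueClientCertificate([FromQuery] string commonName, [FromQuery] string password)
{
    if (commonName.IsNullOrEmpty())
    {
        return BadRequest("CommonName is required");
    }

    string filename = commonName + ".pfx";

    if (password.IsNullOrEmpty())
    {
        // NOTE(review): fixed fallback password (shown masked in the source). A constant that
        // every caller can know does not protect the PFX contents.
        password = "******";
    }

    var request = new PfxCertificateRequest
    {
        CommonName = commonName,
        Password = password
    };

    BigInteger serialNo = BigInteger.Zero;
    byte[] certificate = service.GenerateSslCertificate(request, ref serialNo);

    // Key the record on the full decimal serial number. The previous IntValue conversion
    // kept only the low 32 bits, so a wider serial was stored truncated and two certificates
    // could share a key, making lookup by serial unreliable. Serials that fit in a
    // non-negative 32-bit int produce the same key as before.
    // NOTE(review): confirm the store and any reader of it accept the full decimal form.
    string serialKey = serialNo.ToString();

    // NOTE(review): the record holds the PFX together with its password. If the PFX carries
    // the private key, anyone who can read the store can use that key; consider not
    // persisting the password, or persisting only the public certificate.
    Store.Insert(serialKey, Convert.ToBase64String(certificate), commonName, password);

    return File(certificate, MediaTypeNames.Application.Octet, filename);
}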
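// Generates a fresh 2048-bit key pair, issues an end-entity certificate for it signed with
// SignerCertificate's key pair, and returns the result of ConvertToPfx for the certificate,
// the new private key and request.Password.
//
// Parameters:
//   request - common name, host names, IP addresses, PFX password and lifetime in days.
//
// Returns the PFX bytes produced by ConvertToPfx.
// Throws ArgumentNullException when request is null.
public byte[] GenerateSslCertificate(PfxCertificateRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    // Read the clock once so both validity bounds are relative to the same instant.
    DateTimeOffset now = DateTimeOffset.UtcNow;

    // Back-dated by two hours; presumably to tolerate clock skew on relying parties.
    DateTimeOffset notBefore = now.AddHours(-2);

    // NOTE(review): ValidtyInDays is used as given. A zero or negative value yields a
    // certificate that is already expired; callers are expected to validate it.
    DateTimeOffset notAfter = now.AddDays(request.ValidtyInDays);

    SecureRandom random = randomService.GenerateRandom();
    CertificateBuilder2 builder = builderFactory(random, SignerCertificate);
    AsymmetricCipherKeyPair keyPair = CertificateBuilder2.GenerateKeyPair(2048, random);

    // The issuer name of the new certificate must equal the signer's *subject* name.
    // The previous code read the signer's IssuerDN, which is only the same value when the
    // signer is self-signed; with an intermediate signer the issued certificate would name
    // the wrong issuer and fail name chaining during path validation.
    X509Name signerSubject = new X509CertificateParser()
        .ReadCertificate(SignerCertificate.Certificate.RawData)
        .SubjectDN;

    CertificateWithKey certificate = builder
        .WithSubjectCommonName(request.CommonName)
        .WithKeyPair(keyPair)
        .SetIssuer(signerSubject)
        .SetNotAfter(notAfter)
        .SetNotBefore(notBefore)
        .WithSubjectAlternativeName(request.Hostnames, request.IpAddresses)
        .WithBasicConstraints(BasicConstrainsConstants.EndEntity)
        .WithExtendedKeyUsage()
        .WithAuthorityKeyIdentifier(SignerCertificate.KeyPair)
        .Generate(SignerCertificate.KeyPair);

    return ConvertToPfx(certificate.Certificate, (RsaPrivateCrtKeyParameters)keyPair.Private, request.Password);
}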
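// Issues a server (SSL) certificate for the requested hostnames, records it in the store and
// returns it to the caller as "<commonName>.pfx".
//
// Parameters (all bound from the query string):
//   commonName - subject common name; when empty it is derived from the first hostname.
//   password   - password handed to the service for the PFX; when empty a fixed fallback is used.
//   hostname   - host names placed in the request; at least one is required.
//   ipAddress  - optional IP addresses placed in the request.
//
// Returns 400 Bad Request when no hostname is given, otherwise the PFX bytes as
// application/octet-stream.
//
// NOTE(review): the PFX password travels in the query string, where it commonly ends up in
// access logs, proxy logs and browser history.
// NOTE(review): no authorization attribute is visible in this excerpt. Confirm the action is
// restricted to authorized callers, because the hostnames and IP addresses are passed to the
// service exactly as supplied.
public IActionResult IssueCertificate([FromQuery] string commonName, [FromQuery] string password, [FromQuery] string[] hostname, [FromQuery] string[] ipAddress)
{
    if (hostname.IsNullOrEmpty())
    {
        return BadRequest("At least one hostname is required");
    }

    if (commonName.IsNullOrEmpty())
    {
        commonName = $"SSL Certificate ({hostname.First()})";
    }

    string filename = commonName + ".pfx";

    if (password.IsNullOrEmpty())
    {
        // NOTE(review): fixed fallback password (shown masked in the source). A constant that
        // every caller can know does not protect the PFX contents.
        password = "******";
    }

    if (ipAddress.IsNullOrEmpty())
    {
        ipAddress = new string[0];
    }

    var request = new PfxCertificateRequest
    {
        CommonName = commonName,
        Hostnames = hostname.ToList(),
        IpAddresses = ipAddress.ToList(),
        Password = password
    };

    BigInteger serialNo = BigInteger.Zero;
    byte[] certificate = service.GenerateSslCertificate(request, ref serialNo, true);

    // Key the record on the full decimal serial number. The previous IntValue conversion
    // kept only the low 32 bits, so a wider serial was stored truncated and two certificates
    // could share a key, making lookup by serial unreliable. Serials that fit in a
    // non-negative 32-bit int produce the same key as before.
    // NOTE(review): confirm the store and any reader of it accept the full decimal form.
    string serialKey = serialNo.ToString();

    // NOTE(review): the record holds the PFX together with its password. If the PFX carries
    // the private key, anyone who can read the store can use that key; consider not
    // persisting the password, or persisting only the public certificate.
    Store.Insert(serialKey, Convert.ToBase64String(certificate), commonName, password);

    return File(certificate, MediaTypeNames.Application.Octet, filename);
}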