Exemple #1
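        /// <summary>
        /// Re-queries the server for the state of a previously submitted certificate
        /// request and copies the response (status, links, content, retry hint) into
        /// <paramref name="certRequ"/>.
        /// </summary>
        /// <param name="certRequ">Request to refresh; its <c>Uri</c> is the resource that is fetched.</param>
        /// <param name="useRootUrl">
        /// When true, only the path and query of the request URI are kept and they are
        /// resolved against <c>RootUrl</c> instead of the host stored in the request.
        /// </param>
        /// <exception cref="AcmeProtocolException">
        /// The response status is neither 200 OK nor 202 Accepted.
        /// </exception>
        /// <exception cref="FormatException">
        /// The Retry-After header is present but is neither a delay in seconds nor a parsable date.
        /// </exception>
        public void RefreshCertificateRequest(CertificateRequest certRequ, bool useRootUrl = false)
        {
            AssertInit();
            AssertRegistration();

            var requUri = new Uri(certRequ.Uri);
            if (useRootUrl)
                requUri = new Uri(RootUrl, requUri.PathAndQuery);

            var acmeResp = RequestHttpGet(requUri);

            if (acmeResp.StatusCode != HttpStatusCode.OK && acmeResp.StatusCode != HttpStatusCode.Accepted)
                throw new AcmeProtocolException("Unexpected response status code", acmeResp);

            certRequ.StatusCode = acmeResp.StatusCode;
            certRequ.Links = acmeResp.Links;
            certRequ.SetCertificateContent(acmeResp.RawContent);
            certRequ.RetryAfter = null;

            var retryAfter = acmeResp.Headers[AcmeProtocol.HEADER_RETRY_AFTER];
            if (!string.IsNullOrEmpty(retryAfter))
            {
                // According to spec (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.37)
                // this could be a number of seconds or a date, so we have to parse appropriately.
                //
                // The header is server-controlled input. The value is treated as a delay only
                // when it consists entirely of digits: an unanchored "contains a digit" test
                // also matches every HTTP-date and would send it to the integer parser.
                var retryValue = retryAfter.Trim();
                int delaySeconds;
                if (int.TryParse(retryValue, System.Globalization.NumberStyles.None,
                        System.Globalization.CultureInfo.InvariantCulture, out delaySeconds))
                {
                    certRequ.RetryAfter = DateTime.Now.AddSeconds(delaySeconds);
                }
                else
                {
                    // HTTP-dates use English day and month names, so parse them
                    // independently of the machine's current culture.
                    certRequ.RetryAfter = DateTime.Parse(retryValue,
                            System.Globalization.CultureInfo.InvariantCulture);
                }
            }
        }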
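        /// <summary>
        /// Downloads the issuer certificate referenced by the "up" link of
        /// <paramref name="certificate"/>, stores it as DER and PEM files under
        /// <c>certificatePath</c> (named after the certificate's serial number) and
        /// returns the path of the PEM file.
        /// </summary>
        /// <param name="certificate">Certificate request whose <c>Links</c> are searched for an "up" relation.</param>
        /// <param name="cp">Provider used to convert the downloaded DER certificate to PEM.</param>
        /// <returns>Path of the issuer PEM file, or <c>null</c> when there are no links or no "up" link.</returns>
        /// <exception cref="InvalidOperationException">The "up" link resolves to a URI that is not http or https.</exception>
        public static string GetIssuerCertificate(CertificateRequest certificate, CertificateProvider cp)
        {
            var linksEnum = certificate.Links;
            if (linksEnum == null)
                return null;

            var links = new LinkCollection(linksEnum);
            var upLink = links.GetFirstOrDefault("up");
            if (upLink == null)
                return null;

            // The link target comes from the server's response. An absolute link replaces
            // BaseURI entirely, and WebClient also honours file: and ftp: URIs, so only
            // web schemes are accepted before anything is fetched.
            var uri = new Uri(new Uri(BaseURI), upLink.Uri);
            if (uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps)
                throw new InvalidOperationException(
                        "Issuer certificate link has an unsupported URI scheme: " + uri.Scheme);

            var tmp = Path.GetTempFileName();
            try
            {
                using (var web = new WebClient())
                {
                    web.DownloadFile(uri, tmp);
                }

                // Loading the file also acts as a format check: content that is not a
                // certificate makes the constructor throw before anything is stored.
                // NOTE(review): nothing here verifies that this certificate actually issued
                // the leaf certificate - confirm the chain is validated elsewhere.
                var cacert = new X509Certificate2(tmp);
                var sernum = cacert.GetSerialNumberString();

                var cacertDerFile = Path.Combine(certificatePath, $"ca-{sernum}-crt.der");
                var cacertPemFile = Path.Combine(certificatePath, $"ca-{sernum}-crt.pem");

                // Files already on disk for this serial number are kept and not overwritten.
                if (!File.Exists(cacertDerFile))
                    File.Copy(tmp, cacertDerFile, true);

                Console.WriteLine($" Saving Issuer Certificate to {cacertPemFile}");
                Log.Information("Saving Issuer Certificate to {cacertPemFile}", cacertPemFile);
                if (!File.Exists(cacertPemFile))
                {
                    using (FileStream source = new FileStream(cacertDerFile, FileMode.Open),
                            target = new FileStream(cacertPemFile, FileMode.Create))
                    {
                        var caCrt = cp.ImportCertificate(EncodingFormat.DER, source);
                        cp.ExportCertificate(caCrt, EncodingFormat.PEM, target);
                    }
                }

                return cacertPemFile;
            }
            finally
            {
                // The temporary download is removed on success and on failure.
                if (File.Exists(tmp))
                    File.Delete(tmp);
            }
        }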
Exemple #3
        /// <summary>
        /// Submits a CSR to the server's new-certificate resource and returns a
        /// <see cref="CertificateRequest"/> describing the created certificate resource.
        /// </summary>
        /// <param name="csrContent">CSR payload placed in the <c>Csr</c> field of the request message.</param>
        /// <returns>
        /// A request object carrying the response status, the CSR, the resource URI taken
        /// from the Location header, the response links and whatever content was returned.
        /// </returns>
        /// <exception cref="AcmeWebException">The response is flagged as an error.</exception>
        /// <exception cref="AcmeProtocolException">
        /// The status is not 201 Created, or the Location header is missing or empty.
        /// </exception>
        public CertificateRequest RequestCertificate(string csrContent)
        {
            AssertInit();
            AssertRegistration();

            var newCertMsg = new NewCertRequest { Csr = csrContent };
            var newCertUri = new Uri(RootUrl, Directory[AcmeServerDirectory.RES_NEW_CERT]);
            var acmeResp = RequestHttpPost(newCertUri, newCertMsg);

            if (acmeResp.IsError)
            {
                var webError = acmeResp.Error as WebException;
                throw new AcmeWebException(webError, "Unexpected error", acmeResp);
            }

            if (acmeResp.StatusCode != HttpStatusCode.Created)
            {
                throw new AcmeProtocolException("Unexpected response status code", acmeResp);
            }

            // The Location header names the certificate resource to poll later.
            var certUri = acmeResp.Headers[AcmeProtocol.HEADER_LOCATION];
            if (string.IsNullOrEmpty(certUri))
            {
                throw new AcmeProtocolException("Response is missing a certificate resource URI", acmeResp);
            }

            // The certificate may already be in the response body, or it may have to
            // be fetched from the resource URI later.
            var result = new CertificateRequest();
            result.StatusCode = acmeResp.StatusCode;
            result.CsrContent = csrContent;
            result.Uri = certUri;
            result.Links = acmeResp.Links;
            result.SetCertificateContent(acmeResp.RawContent);

            return result;
        }