public Task <(byte[]? certificate, AcmeError?error)> IssueCertificate(string csr, CancellationToken cancellationToken)
        {
            var result = (Certificate : (byte[]?)null, Error : (AcmeError?)null);

            try
            {
                var certRequest        = new CertCli.CCertRequest();
                var attributes         = $"CertificateTemplate:{_options.Value.TemplateName}";
                var submitResponseCode = certRequest.Submit(CR_IN_BASE64, csr, attributes, _options.Value.CAServer);

                if (submitResponseCode == 3)
                {
                    var base64Certificate = certRequest.GetCertificate(CR_OUT_BASE64 | CR_OUT_CHAIN);
                    result.Certificate = Convert.FromBase64String(base64Certificate);
                }
                else
                {
                    result.Error = new AcmeError("serverInternal", "Certificate Issuance failed. Contact Administrator.");
                }
            } catch (Exception)
            {
                result.Error = new AcmeError("serverInternal", "Certificate Issuance failed. Contact Administrator");
            }

            return(Task.FromResult(result));
        }
Exemple #2
0
        public Task <(byte[]? Certificates, AcmeError?Error)> IssueCertificate(string csr, CancellationToken cancellationToken)
        {
            _logger.LogDebug($"Try to issue certificate for CSR: {csr}");
            var result = (Certificates : (byte[]?)null, Error : (AcmeError?)null);

            try
            {
                var certRequest        = new CertCli.CCertRequest();
                var attributes         = $"CertificateTemplate:{_options.Value.TemplateName}";
                var submitResponseCode = certRequest.Submit(CR_IN_BASE64, csr, attributes, _options.Value.CAServer);

                if (submitResponseCode == 3)
                {
                    var issuerResponse      = certRequest.GetCertificate(CR_OUT_BASE64 | CR_OUT_CHAIN);
                    var issuerResponseBytes = Convert.FromBase64String(issuerResponse);

                    var issuerSignedCms = new SignedCms();
                    issuerSignedCms.Decode(issuerResponseBytes);
                    result.Certificates = issuerSignedCms.Certificates.Export(X509ContentType.Pfx);

                    _logger.LogDebug("Certificate has been issued.");
                }
                else
                {
                    _logger.LogError($"Certificate could not be issued. ResponseCode: {submitResponseCode}.");
                    result.Error = new AcmeError("serverInternal", "Certificate Issuance failed. Contact Administrator.");
                }
            }
            catch (Exception ex)
            {
                _logger.LogError(ex, "Exception has been raised during certificate issuance.");
                result.Error = new AcmeError("serverInternal", "Certificate Issuance failed. Contact Administrator");
            }

            return(Task.FromResult(result));
        }