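/// <summary>
/// Steps to take on successful (re)authorization: request the certificate,
/// save it to the store, run the installation plugin(s), remove the previous
/// certificate and, for a new renewal, register it for scheduled renewal.
/// </summary>
/// <param name="renewalScope">Scope used to resolve the certificate service, the store plugin and the installation plugin factories.</param>
/// <param name="renewal">The renewal that is being processed.</param>
/// <returns>
/// The result of the renewal. Failures caught in this method are recorded in
/// <c>Success</c> and <c>ErrorMessage</c> of the returned result.
/// </returns>
private static RenewResult OnRenewSuccess(ILifetimeScope renewalScope, ScheduledRenewal renewal)
{
    RenewResult result = null;
    try
    {
        var certificateService = renewalScope.Resolve<CertificateService>();
        var storePlugin = renewalScope.Resolve<IStorePlugin>();
        var oldCertificate = renewal.Certificate(storePlugin);
        var newCertificate = certificateService.RequestCertificate(renewal.Binding);

        // Test if a new certificate has been generated
        if (newCertificate == null)
        {
            return new RenewResult(new Exception("No certificate generated"));
        }
        result = new RenewResult(newCertificate);

        // Early escape for testing validation only
        if (_options.Test &&
            renewal.New &&
            !_input.PromptYesNo($"[--test] Do you want to install the certificate?"))
        {
            return result;
        }

        try
        {
            // Check if the newly requested certificate is already in the store,
            // which might be the case due to the cache mechanism built into the
            // RequestCertificate function
            var storedCertificate = storePlugin.FindByThumbprint(newCertificate.Certificate.Thumbprint);
            if (storedCertificate != null)
            {
                // Copy relevant properties
                _log.Warning("Certificate with thumbprint {thumbprint} is already in the store", newCertificate.Certificate.Thumbprint);
                newCertificate.Store = storedCertificate.Store;
            }
            else
            {
                // Save to store
                storePlugin.Save(newCertificate);
            }
        }
        catch (Exception ex)
        {
            _log.Error(ex, "Unable to store certificate");
            result.Success = false;
            result.ErrorMessage = $"Store failed: {ex.Message}";
            return result;
        }

        // Run installation plugin(s)
        var installFailed = false;
        try
        {
            var installFactories = renewalScope.Resolve<List<IInstallationPluginFactory>>();
            var steps = installFactories.Count;
            for (var i = 0; i < steps; i++)
            {
                var installFactory = installFactories[i];
                if (!(installFactory is INull))
                {
                    var installInstance = (IInstallationPlugin)renewalScope.Resolve(installFactory.Instance);
                    if (steps > 1)
                    {
                        _log.Information("Installation step {n}/{m}: {name}...", i + 1, steps, installFactory.Description);
                    }
                    else
                    {
                        _log.Information("Installing with {name}...", installFactory.Description);
                    }
                    installInstance.Install(newCertificate, oldCertificate);
                }
            }
        }
        catch (Exception ex)
        {
            installFailed = true;
            _log.Error(ex, "Unable to install certificate");
            result.Success = false;
            result.ErrorMessage = $"Install failed: {ex.Message}";
        }

        if (installFailed)
        {
            // A failed (or partially completed) installation can leave the
            // previous certificate in use. Deleting it from the store at this
            // point could leave the consumers of that certificate without a
            // usable one, so it is kept for the next attempt.
            _log.Warning("Previous certificate is kept because the installation failed");
        }
        // Delete the old certificate if not forbidden, found and not re-used.
        // A KeepExisting without a value counts as "keep".
        else if ((!renewal.KeepExisting ?? false) &&
            oldCertificate != null &&
            newCertificate.Certificate.Thumbprint != oldCertificate.Certificate.Thumbprint)
        {
            try
            {
                storePlugin.Delete(oldCertificate);
            }
            catch (Exception ex)
            {
                _log.Error(ex, "Unable to delete previous certificate");
                //result.Success = false; // not a show-stopper, consider the renewal a success
                result.ErrorMessage = $"Delete failed: {ex.Message}";
            }
        }

        // Add or update renewal
        if (renewal.New &&
            !_options.NoTaskScheduler &&
            (!_options.Test ||
            _input.PromptYesNo($"Do you want to automatically renew this certificate in {_renewalService.RenewalPeriod} days?")))
        {
            var taskScheduler = _container.Resolve<TaskSchedulerService>();
            taskScheduler.EnsureTaskScheduler();
            _renewalService.Save(renewal, result);
        }

        return result;
    }
    catch (Exception ex)
    {
        // Result might still contain the Thumbprint of the certificate
        // that was requested and (partially?) installed, which might help
        // with debugging
        HandleException(ex);
        if (result == null)
        {
            result = new RenewResult(ex);
        }
        else
        {
            result.Success = false;
            result.ErrorMessage = ex.Message;
        }
    }

    return result;
}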
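/// <summary>
/// Steps to take on successful (re)authorization: request the certificate,
/// save it to the store, run the installation plugin(s), remove the previous
/// certificate and, for a new renewal, register it for scheduled renewal.
/// </summary>
/// <param name="renewalScope">Scope used to resolve the certificate service, the store plugin and the installation plugin factories.</param>
/// <param name="renewal">The renewal that is being processed.</param>
/// <returns>
/// The result of the renewal. Failures caught in this method are recorded in
/// <c>Success</c> and <c>ErrorMessage</c> of the returned result.
/// </returns>
private static RenewResult OnRenewSuccess(ILifetimeScope renewalScope, ScheduledRenewal renewal)
{
    RenewResult result = null;
    try
    {
        var certificateService = renewalScope.Resolve<CertificateService>();
        var storePlugin = renewalScope.Resolve<IStorePlugin>();
        var oldCertificate = renewal.Certificate(storePlugin);
        var newCertificate = certificateService.RequestCertificate(renewal.Binding);
        if (newCertificate == null)
        {
            return new RenewResult(new Exception("No certificate generated"));
        }
        result = new RenewResult(newCertificate);

        // Early escape for testing validation only
        if (_options.Test &&
            renewal.New &&
            !_input.PromptYesNo($"Do you want to save the certificate?"))
        {
            return result;
        }

        // Save to store; a failure here ends up in the outer catch block
        storePlugin.Save(newCertificate);

        // Run installation plugin(s)
        var installFailed = false;
        try
        {
            var installFactories = renewalScope.Resolve<List<IInstallationPluginFactory>>();
            var steps = installFactories.Count;
            for (var i = 0; i < steps; i++)
            {
                var installFactory = installFactories[i];
                if (!(installFactory is INull))
                {
                    var installInstance = (IInstallationPlugin)renewalScope.Resolve(installFactory.Instance);
                    if (steps > 1)
                    {
                        _log.Information("Installation step {n}/{m}: {name}...", i + 1, steps, installFactory.Description);
                    }
                    else
                    {
                        _log.Information("Installing with {name}...", installFactory.Description);
                    }
                    installInstance.Install(newCertificate, oldCertificate);
                }
            }
        }
        catch (Exception ex)
        {
            installFailed = true;
            _log.Error(ex, "Unable to install certificate");
            result.Success = false;
            result.ErrorMessage = $"Install failed: {ex.Message}";
        }

        if (installFailed)
        {
            // A failed (or partially completed) installation can leave the
            // previous certificate in use. Deleting it from the store at this
            // point could leave the consumers of that certificate without a
            // usable one, so it is kept for the next attempt.
            _log.Warning("Previous certificate is kept because the installation failed");
        }
        // Delete the old certificate if specified and found.
        // NOTE(review): nothing here verifies that the previous certificate
        // differs from the one that was just saved and installed - confirm
        // that RequestCertificate cannot hand back the existing certificate.
        else if (!renewal.KeepExisting && oldCertificate != null)
        {
            try
            {
                storePlugin.Delete(oldCertificate);
            }
            catch (Exception ex)
            {
                _log.Error(ex, "Unable to delete previous certificate");
                //result.Success = false; // not a show-stopper, consider the renewal a success
                result.ErrorMessage = $"Delete failed: {ex.Message}";
            }
        }

        // Add or update renewal
        if (renewal.New &&
            !_options.NoTaskScheduler &&
            (!_options.Test ||
            _input.PromptYesNo($"Do you want to automatically renew this certificate in {_renewalService.RenewalPeriod} days? This will add a task scheduler task.")))
        {
            var taskScheduler = _container.Resolve<TaskSchedulerService>();
            taskScheduler.EnsureTaskScheduler();
            _renewalService.Save(renewal, result);
        }

        return result;
    }
    catch (Exception ex)
    {
        // Result might still contain the Thumbprint of the certificate
        // that was requested and (partially?) installed, which might help
        // with debugging
        HandleException(ex);
        if (result == null)
        {
            result = new RenewResult(ex);
        }
        else
        {
            result.Success = false;
            result.ErrorMessage = ex.Message;
        }
    }

    return result;
}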
/// <summary>
/// Handles a successful (re)authorization: requests the certificate for the
/// target, saves it, installs it in the server software, removes the previous
/// certificate and creates or updates the scheduled renewal.
/// </summary>
/// <param name="binding">Target the certificate is requested for.</param>
/// <returns>
/// The result of the renewal. An exception caught in this method is recorded
/// in <c>Success</c> and <c>ErrorMessage</c> of the returned result.
/// </returns>
public static RenewResult OnAutoSuccess(Target binding)
{
    // Placeholder outcome that is reported when a step throws before the
    // certificate has been requested.
    var outcome = new RenewResult(new Exception("Unknown error after validation"));
    try
    {
        var existingRenewal = _renewalService.Find(binding);
        var previousCertificate = FindCertificate(existingRenewal);
        var issuedCertificate = _certificateService.RequestCertificate(binding);
        var pfxFile = new FileInfo(_certificateService.PfxFilePath(binding));
        outcome = new RenewResult(issuedCertificate);

        // In test mode (and not renewing) the user may stop after validation.
        var stopAfterValidation = _options.Test
            && !_options.Renew
            && !_input.PromptYesNo($"Do you want to install the certificate?");
        if (stopAfterValidation)
        {
            return outcome;
        }

        SaveCertificate(binding.GetHosts(true), issuedCertificate, pfxFile);

        // Renewals and non-test runs always install; a test run asks first.
        var updateServerSoftware = _options.Renew
            || !_options.Test
            || _input.PromptYesNo($"Do you want to add/update the certificate to your server software?");
        if (updateServerSoftware)
        {
            _log.Information("Installing SSL certificate in server software");
            if (_options.CentralSsl)
            {
                binding.Plugin.Install(binding);
            }
            else
            {
                binding.Plugin.Install(
                    binding,
                    pfxFile.FullName,
                    _certificateStoreService.DefaultStore,
                    issuedCertificate,
                    previousCertificate);
            }

            // The previous certificate is only removed once Install returned
            // without throwing.
            // NOTE(review): the thumbprint is not compared with the newly
            // issued certificate - confirm RequestCertificate cannot return
            // the certificate that is already installed.
            if (!_options.KeepExisting && previousCertificate != null)
            {
                DeleteCertificate(previousCertificate.Thumbprint);
            }
        }

        // Outside of a renewal run: keep an existing schedule up to date, and
        // for a new one ask only when running in test mode.
        var scheduleRenewal = !_options.Renew
            && (existingRenewal != null
                || !_options.Test
                || _input.PromptYesNo($"Do you want to automatically renew this certificate in {_renewalService.RenewalPeriod} days? This will add a task scheduler task."));
        if (scheduleRenewal)
        {
            _renewalService.CreateOrUpdate(binding, outcome);
        }

        return outcome;
    }
    catch (Exception ex)
    {
        // The outcome may already carry the thumbprint of the certificate
        // that was requested and (partially?) installed, which can help
        // with debugging.
        HandleException(ex);
        outcome.Success = false;
        outcome.ErrorMessage = ex.Message;
    }

    return outcome;
}