/// <summary>
/// Registers or updates a current object in local registry.
/// </summary>
/// <exception cref="UninitializedObjectException">
/// The current object is not properly initialized through any of public constructor.
/// </exception>
/// <exception cref="NotSupportedException">
/// <strong>Authentication</strong> property is set to <strong>None</strong>.
/// </exception>
public void Register()
{
if (URL == null)
{
throw new UninitializedObjectException();
}
CX509EnrollmentHelper urlClass = new CX509EnrollmentHelper();
urlClass.Initialize(UserContext
? X509CertificateEnrollmentContext.ContextUser
: X509CertificateEnrollmentContext.ContextMachine);
try {
switch (Authentication)
{
case PolicyAuthenticationEnum.Anonymous:
case PolicyAuthenticationEnum.Kerberos:
urlClass.AddPolicyServer(
URL.AbsoluteUri,
PolicyId,
0,
(X509EnrollmentAuthFlags)(Int32)Authentication,
null,
null
);
break;
case PolicyAuthenticationEnum.UserNameAndPassword:
urlClass.AddPolicyServer(
URL.AbsoluteUri,
PolicyId,
0,
(X509EnrollmentAuthFlags)(Int32)Authentication,
uName,
Marshal.PtrToStringAuto(Marshal.SecureStringToBSTR(uPassword))
);
break;
case PolicyAuthenticationEnum.ClientCertificate:
urlClass.AddPolicyServer(
URL.AbsoluteUri,
PolicyId,
0,
(X509EnrollmentAuthFlags)(Int32)Authentication,
uName,
null
);
break;
default: throw new NotSupportedException();
}
registered = true;
} catch (Exception e) {
throw Error.ComExceptionHandler(e);
} finally {
CryptographyUtils.ReleaseCom(urlClass);
}
}
public bool enrollWithIX509EnrollmentHelper()
{
bool bRet = true;
try
{
IX509EnrollmentPolicyServer objPolicyServer = null;
IX509CertificateTemplates objTemplates = null;
IX509CertificateTemplate objTemplate = null;
IX509EnrollmentHelper objEnrollHelper = null;
IX509Enrollment2 objEnroll2 = null;
objPolicyServer = new CX509EnrollmentPolicyWebService();
objPolicyServer.Initialize(
m_strPolicyServerUrl,
null,
m_PolicyServerAuthType,
true,
m_context);
//This call sets authentication type and authentication credential
//to policy server to the object referenced by objPolicyServer.
//This call is necessary even for Kerberos authentication type.
objPolicyServer.SetCredential(
0,
m_PolicyServerAuthType,
m_strPolicyServerUsername,
m_strPolicyServerPassword);
objPolicyServer.LoadPolicy(X509EnrollmentPolicyLoadOption.LoadOptionDefault);
objTemplates = objPolicyServer.GetTemplates();
objTemplate = objTemplates.get_ItemByName(m_strTemplateName);
//There is no need to cache credential for Kerberos authentication type
if (m_EnrollmentServerAuthType == X509EnrollmentAuthFlags.X509AuthUsername)
{
objEnrollHelper = new CX509EnrollmentHelper();
objEnrollHelper.Initialize(m_context);
//This call caches the authentication credential to
//enrollment server in Windows vault
objEnrollHelper.AddEnrollmentServer(
m_strEnrollmentServerUrl,
m_EnrollmentServerAuthType,
m_strEnrollmentServerUsername,
m_strEnrollmentServerPassword);
}
objEnroll2 = new CX509Enrollment();
objEnroll2.InitializeFromTemplate(
m_context,
objPolicyServer,
objTemplate);
//This call reads authentication cache to
//enrollment server from Windows vault
objEnroll2.Enroll();
}
catch (Exception e)
{
bRet = false;
Console.WriteLine("Error: {0}", e.Message);
}
if (bRet)
{
Console.WriteLine("Certificate enrollment succeeded.");
}
else
{
Console.WriteLine("Certificate enrollment failed.");
}
return(bRet);
}
public bool enrollWithIX509EnrollmentHelper()
{
bool bRet = true;
try
{
IX509EnrollmentPolicyServer objPolicyServer = null;
IX509CertificateTemplates objTemplates = null;
IX509CertificateTemplate objTemplate = null;
IX509EnrollmentHelper objEnrollHelper = null;
IX509Enrollment2 objEnroll2 = null;
objPolicyServer = new CX509EnrollmentPolicyWebService();
objPolicyServer.Initialize(
m_strPolicyServerUrl,
null,
m_PolicyServerAuthType,
true,
m_context);
//This call sets authentication type and authentication credential
//to policy server to the object referenced by objPolicyServer.
//This call is necessary even for Kerberos authentication type.
objPolicyServer.SetCredential(
0,
m_PolicyServerAuthType,
m_strPolicyServerUsername,
m_strPolicyServerPassword);
objPolicyServer.LoadPolicy(X509EnrollmentPolicyLoadOption.LoadOptionDefault);
objTemplates = objPolicyServer.GetTemplates();
objTemplate = objTemplates.get_ItemByName(m_strTemplateName);
//There is no need to cache credential for Kerberos authentication type
if (m_EnrollmentServerAuthType == X509EnrollmentAuthFlags.X509AuthUsername)
{
objEnrollHelper = new CX509EnrollmentHelper();
objEnrollHelper.Initialize(m_context);
//This call caches the authentication credential to
//enrollment server in Windows vault
objEnrollHelper.AddEnrollmentServer(
m_strEnrollmentServerUrl,
m_EnrollmentServerAuthType,
m_strEnrollmentServerUsername,
m_strEnrollmentServerPassword);
}
objEnroll2 = new CX509Enrollment();
objEnroll2.InitializeFromTemplate(
m_context,
objPolicyServer,
objTemplate);
//This call reads authentication cache to
//enrollment server from Windows vault
objEnroll2.Enroll();
}
catch (Exception e)
{
bRet = false;
Console.WriteLine("Error: {0}", e.Message);
}
if (bRet)
Console.WriteLine("Certificate enrollment succeeded.");
else
Console.WriteLine("Certificate enrollment failed.");
return bRet;
}
