/// <summary> /// Creates a new self-signed X509 certificate /// </summary> /// <param name="issuer">The certificate issuer</param> /// <param name="friendlyName">Human readable name</param> /// <param name="password">The certificate's password</param> /// <param name="startTime">Certificate creation date & time</param> /// <param name="endTime">Certificate expiry date & time</param> /// <returns>An X509Certificate2</returns> public static X509Certificate2 CreateSelfSignedCert(string issuer, string friendlyName, string password, DateTime startTime, DateTime endTime) { string distinguishedNameString = issuer; var key = Create2048RsaKey(); var creationParams = new X509CertificateCreationParameters(new X500DistinguishedName(distinguishedNameString)) { TakeOwnershipOfKey = true, StartTime = startTime, EndTime = endTime }; // adding client authentication, -eku = 1.3.6.1.5.5.7.3.2, // This is mandatory for the upload to be successful OidCollection oidCollection = new OidCollection(); oidCollection.Add(new Oid(OIDClientAuthValue, OIDClientAuthFriendlyName)); creationParams.Extensions.Add(new X509EnhancedKeyUsageExtension(oidCollection, false)); // Documentation of CreateSelfSignedCertificate states: // If creationParameters have TakeOwnershipOfKey set to true, the certificate // generated will own the key and the input CngKey will be disposed to ensure // that the caller doesn't accidentally use it beyond its lifetime (which is // now controlled by the certificate object). // We don't dispose it ourselves in this case. var cert = key.CreateSelfSignedCertificate(creationParams); key = null; cert.FriendlyName = friendlyName; // X509 certificate needs PersistKeySet flag set. // Reload a new X509Certificate2 instance from exported bytes in order to set the PersistKeySet flag. var bytes = cert.Export(X509ContentType.Pfx, password); // NOTE: PfxValidation is not done here because these are newly created certs and assumed valid. ICommonEventSource evtSource = null; return(X509Certificate2Helper.NewX509Certificate2(bytes, password, X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable, evtSource, doPfxValidation: false)); }
/// <summary> /// Initializes the resource provider application. /// </summary> /// <param name="httpConfiguration">The default HttpConfiguration object for this application.</param> /// <param name="serviceConfiguration">The service configuration object containing resource provider settings.</param> /// <param name="eventSource">The event source used for logging resource provider operations.</param> public static void Initialize( HttpConfiguration httpConfiguration, ResourceProviderServiceConfiguration serviceConfiguration, ICommonEventSource eventSource) { ArgumentValidator.ValidateNotNull("httpConfiguration", httpConfiguration); ArgumentValidator.ValidateNotNull("serviceConfiguration", serviceConfiguration); ArgumentValidator.ValidateNotNull("eventSource", eventSource); httpConfiguration.Filters.Add(new ResourceProviderExceptionFilterAttribute(eventSource)); // Ensure use of the JsonMediaTypeFormatter provided by the RP SDK, which guarantees the correct // JSON serialization settings for ARM interoperability. httpConfiguration.Formatters.Clear(); httpConfiguration.Formatters.Add(JsonExtensions.JsonMediaTypeFormatter); var manifest = ManifestFactory.CreateResourceProviderManifest(serviceConfiguration); ResourceProviderManager.RegisterCredentialAuthorization( httpConfiguration: httpConfiguration, eventSource: eventSource, manifestEndpointCredential: serviceConfiguration.Manifest.ManifestEndpointCredential, providerManifests: new ResourceProviderManifest[] { manifest }); ResourceProviderManager.RegisterEventsController( httpConfiguration: httpConfiguration, providerManifest: manifest, eventSource: eventSource, eventsConnectionString: serviceConfiguration.EventsConnectionString.ConnectionString, eventSchemaName: serviceConfiguration.EventsSchemaName); // TODO: Enable Azure Gallery item controller, when publishing a gallery item. //ResourceProviderManager.RegisterGalleryController( // httpConfiguration: httpConfiguration, // providerManifest: manifest, // galleryItemsResources: null); ResourceProviderManager.RegisterProviderManifestController( httpConfiguration: httpConfiguration, manifestEndpointUri: serviceConfiguration.BaseEndpoint.AbsoluteUri, eventSource: eventSource, providerManifest: manifest); // Create the resource provider storage. var resourceProviderStorage = new DefaultResourceProviderStorage( connectionStrings: new string[] { serviceConfiguration.StorageConnectionString }, eventSource: eventSource); // Create and initialize the handler configurations for each registered resource type. var resourceHandlers = new ResourceTypeHandlerConfiguration[] { ResourceTypeHandlerConfiguration.CreateResourceGroupWideResourceTypeHandlerConfiguration( resourceTypeName: new ResourceTypeName(ManifestFactory.Namespace, ManifestFactory.RootResourceTypeName), apiVersions: new string[] { serviceConfiguration.ApiVersion }, resourceProviderStorage: resourceProviderStorage, eventSource: eventSource, managedResourceTypeRequestHandler: new RootResourceTypeRequestHandler(resourceProviderStorage)), ResourceTypeHandlerConfiguration.CreateResourceGroupWideResourceTypeHandlerConfiguration( resourceTypeName: new ResourceTypeName(ManifestFactory.Namespace, ManifestFactory.RootResourceTypeName, ManifestFactory.NestedResourceTypeName), apiVersions: new string[] { serviceConfiguration.ApiVersion }, resourceProviderStorage: resourceProviderStorage, eventSource: eventSource, managedResourceTypeRequestHandler: new NestedResourceTypeRequestHandler(resourceProviderStorage)) }; ResourceProviderManager.RegisterResourceProvider( httpConfiguration: httpConfiguration, eventSource: eventSource, providerStorage: resourceProviderStorage, providerNamespace: manifest.Namespace, resourceTypeHandlerConfigurationCollection: resourceHandlers); ResourceProviderManager.RegisterUsageController( httpConfiguration: httpConfiguration, providerManifest: manifest, handler: null, eventSource: eventSource, usageConnectionString: serviceConfiguration.UsageConnectionString.ConnectionString, usageSchemaName: serviceConfiguration.UsageSchemaName); }