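/// <summary>
/// Issues a certificate whose subject is the host name of the com server's configured URL,
/// signed by the stored intermediate certificate, and returns it as a PFX (PKCS#12) blob.
/// </summary>
/// <param name="comServerId">Id of the com server the certificate is generated for.</param>
/// <returns>
/// The PFX bytes of the new certificate, or <c>null</c> when no com server with
/// <paramref name="comServerId"/> exists.
/// </returns>
public byte[] GenerateComCert(int comServerId)
{
    var comServer = GetServer(comServerId);
    if (comServer == null)
    {
        return null;
    }

    // Only the host part of the configured URL goes into the subject.
    var site = new Uri(comServer.Url);

    // The intermediate's PFX password is stored encrypted; it is decrypted only to open the PFX.
    var intermediateEntity = new ServiceCertificate().GetIntermediateEntity();
    var pass = new EncryptionServices().DecryptText(intermediateEntity.Password);

    var certRequest = new CertificateRequest();
    // Plain interpolation: wrapping the interpolated string in string.Format would re-parse any
    // '{' or '}' in the host name as format placeholders and throw.
    certRequest.SubjectName = $"CN={site.Host}";
    certRequest.NotBefore = DateTime.UtcNow;
    certRequest.NotAfter = certRequest.NotBefore.AddYears(10);

    // Both certificate handles are released once the bytes are produced; the exported array
    // does not depend on them.
    using (var intermediateCert = new X509Certificate2(intermediateEntity.PfxBlob, pass, X509KeyStorageFlags.Exportable))
    using (var certificate = new ServiceGenerateCertificate(certRequest).IssueCertificate(intermediateCert, false, true))
    {
        // NOTE(review): the PFX is exported without a password, so the returned bytes carry the
        // private key unprotected; callers must handle them as secret material.
        return certificate.Export(X509ContentType.Pfx);
    }
}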
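/// <summary>
/// Generates a new certificate authority and a new intermediate certificate signed by it, and
/// stores both (PFX blob plus encrypted PFX password) in the certificate repository, replacing
/// any previously stored authority and intermediate.
/// </summary>
/// <returns>
/// <c>true</c> when both certificates were generated and saved; <c>false</c> when generation is
/// not enabled through the <c>AllowCAGen</c> app setting or no certificate organization is configured.
/// </returns>
/// <remarks>
/// Replacing the authority and intermediate breaks the chain of every certificate previously
/// issued from them, which is why the operation is gated behind a configuration switch.
/// </remarks>
public bool GenerateCAandInt()
{
    // A missing key yields null; string.Equals treats that as "not allowed" instead of throwing,
    // and the ordinal comparison keeps culture settings out of the decision.
    var isAllowed = ConfigurationManager.AppSettings["AllowCAGen"];
    if (!string.Equals(isAllowed, "true", StringComparison.OrdinalIgnoreCase))
    {
        Logger.Debug("Certificates cannot be generated without updating the web.config key AllowCAGen");
        return false;
    }

    var organization = new ServiceSetting().GetSetting(SettingStrings.CertificateOrganization);
    if (organization == null || string.IsNullOrEmpty(organization.Value))
    {
        return false;
    }

    // NOTE(review): organization.Value is inserted into the distinguished name unescaped; a
    // comma or '=' in the configured value would alter the RDN structure.
    var caRequest = new CertificateRequest();
    caRequest.SubjectName = $"O={organization.Value},CN=Toems CA";
    caRequest.NotBefore = DateTime.UtcNow;
    caRequest.NotAfter = caRequest.NotBefore.AddYears(20);

    using (var authCertificate = new ServiceGenerateCertificate(caRequest).CreateCertificateAuthorityCertificate())
    {
        ReplaceStoredCertificate(
            EnumCertificate.CertificateType.Authority,
            ToCertificateEntity(authCertificate, EnumCertificate.CertificateType.Authority));

        var intRequest = new CertificateRequest();
        intRequest.SubjectName = $"O={organization.Value},CN=Toems Intermediate";
        intRequest.NotBefore = DateTime.UtcNow;
        intRequest.NotAfter = intRequest.NotBefore.AddYears(20);

        // The intermediate is issued by the freshly created authority; the two boolean flags are
        // passed exactly as before (their meaning is defined in ServiceGenerateCertificate).
        using (var intCertificate = new ServiceGenerateCertificate(intRequest).IssueCertificate(authCertificate, true, false))
        {
            ReplaceStoredCertificate(
                EnumCertificate.CertificateType.Intermediate,
                ToCertificateEntity(intCertificate, EnumCertificate.CertificateType.Intermediate));
        }
    }

    // Both deletes and both inserts are committed together.
    _uow.Save();
    return true;
}

/// <summary>
/// Number of characters in the randomly generated password protecting each stored PFX blob.
/// </summary>
private const int PfxPasswordLength = 10;

/// <summary>
/// Builds the repository row for a generated certificate. The PFX is protected with a fresh
/// random password, which is stored encrypted next to the blob.
/// </summary>
/// <param name="cert">The certificate to persist (including its private key).</param>
/// <param name="type">The stored certificate's role (authority or intermediate).</param>
/// <returns>A new, not yet inserted <see cref="EntityCertificate"/>.</returns>
private EntityCertificate ToCertificateEntity(X509Certificate2 cert, EnumCertificate.CertificateType type)
{
    var pfxPass = Membership.GeneratePassword(PfxPasswordLength, 0);
    return new EntityCertificate
    {
        NotAfter = cert.NotAfter,
        NotBefore = cert.NotBefore,
        Serial = cert.SerialNumber,
        Password = new EncryptionServices().EncryptText(pfxPass),
        PfxBlob = cert.Export(X509ContentType.Pfx, pfxPass),
        SubjectName = cert.Subject,
        Type = type,
    };
}

/// <summary>
/// Deletes the currently stored certificate of the given type, if any, and inserts
/// <paramref name="replacement"/> in its place. Changes are pending until the unit of work is saved.
/// </summary>
/// <param name="type">The certificate role whose stored row is replaced.</param>
/// <param name="replacement">The row to insert.</param>
private void ReplaceStoredCertificate(EnumCertificate.CertificateType type, EntityCertificate replacement)
{
    var existing = _uow.CertificateRepository.GetFirstOrDefault(x => x.Type == type);
    if (existing != null)
    {
        _uow.CertificateRepository.Delete(existing.Id);
    }
    _uow.CertificateRepository.Insert(replacement);
}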