public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig)
{
var credentialsManager = new CredentialsManager();
var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders);
Dictionary <string, string> credentials = null;
if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey))
{
credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey);
}
try
{
var validationResult = await provider.Validate(managedCertificate, taskConfig, credentials, provider.GetDefinition());
return(validationResult);
}
catch (Exception exp)
{
return(new List <ActionResult> {
new ActionResult("Failed to validate task: " + exp.ToString(), false)
});
}
}
public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig)
{
var credentialsManager = new CredentialsManager();
var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders);
Dictionary <string, string> credentials = null;
if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey))
{
credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey);
}
return(await provider.Validate(managedCertificate, taskConfig, credentials, provider.GetDefinition()));
}
public CertifyManager(bool useWindowsNativeFeatures = true)
{
_useWindowsNativeFeatures = useWindowsNativeFeatures;
_serverConfig = SharedUtils.ServiceConfigManager.GetAppServiceConfig();
SettingsManager.LoadAppSettings();
InitLogging(_serverConfig);
Util.SetSupportedTLSVersions();
try
{
_itemManager = new ItemManager(null, _serviceLog);
if (!_itemManager.IsInitialised())
{
_serviceLog.Error($"Item Manager failed to initialise properly. Check service logs for more information.");
}
}
catch (Exception exp)
{
_serviceLog.Error($"Failed to open or upgrade the managed items database. Check service has required file access permissions. :: {exp}");
}
_credentialsManager = new CredentialsManager(useWindowsNativeFeatures);
_serverProvider = (ICertifiedServer) new ServerProviderIIS(_serviceLog);
_progressResults = new ObservableCollection <RequestProgressState>();
_pluginManager = new PluginManager();
_pluginManager.EnableExternalPlugins = CoreAppSettings.Current.IncludeExternalPlugins;
_pluginManager.LoadPlugins(new List <string> {
"Licensing", "DashboardClient", "DeploymentTasks", "CertificateManagers", "DnsProviders"
});
_migrationManager = new MigrationManager(_itemManager, _credentialsManager, _serverProvider);
LoadCertificateAuthorities();
// init remaining utilities and optionally enable telematics
_challengeDiagnostics = new ChallengeDiagnostics(CoreAppSettings.Current.EnableValidationProxyAPI);
if (CoreAppSettings.Current.EnableAppTelematics)
{
_tc = new Util().InitTelemetry(Locales.ConfigResources.AIInstrumentationKey);
}
_httpChallengePort = _serverConfig.HttpChallengeServerPort;
_httpChallengeServerClient.Timeout = new TimeSpan(0, 0, 20);
if (_tc != null)
{
_tc.TrackEvent("ServiceStarted");
}
_serviceLog?.Information("Certify Manager Started");
try
{
PerformAccountUpgrades().Wait();
}
catch (Exception exp)
{
_serviceLog.Error($"Failed to perform ACME account upgrades. :: {exp}");
}
PerformManagedCertificateMigrations().Wait();
}
public CertifyManager()
{
var serverConfig = SharedUtils.ServiceConfigManager.GetAppServiceConfig();
SettingsManager.LoadAppSettings();
InitLogging(serverConfig);
Util.SetSupportedTLSVersions();
_itemManager = new ItemManager();
_credentialsManager = new CredentialsManager();
_serverProvider = (ICertifiedServer) new ServerProviderIIS();
_progressResults = new ObservableCollection <RequestProgressState>();
_pluginManager = new PluginManager();
_pluginManager.LoadPlugins(new List <string> {
"Licensing", "DashboardClient", "DeploymentTasks", "CertificateManagers"
});
// load core CAs and custom CAs
foreach (var ca in CertificateAuthority.CoreCertificateAuthorities)
{
_certificateAuthorities.TryAdd(ca.Id, ca);
}
try
{
var customCAs = SettingsManager.GetCustomCertificateAuthorities();
foreach (var ca in customCAs)
{
_certificateAuthorities.TryAdd(ca.Id, ca);
}
}
catch (Exception exp)
{
// failed to load custom CAs
_serviceLog.Error(exp.Message);
}
// init remaining utilities and optionally enable telematics
_challengeDiagnostics = new ChallengeDiagnostics(CoreAppSettings.Current.EnableValidationProxyAPI);
if (CoreAppSettings.Current.EnableAppTelematics)
{
_tc = new Util().InitTelemetry();
}
_httpChallengePort = serverConfig.HttpChallengeServerPort;
_httpChallengeServerClient.Timeout = new TimeSpan(0, 0, 20);
if (_tc != null)
{
_tc.TrackEvent("ServiceStarted");
}
_serviceLog?.Information("Certify Manager Started");
PerformAccountUpgrades().Wait();
PerformManagedCertificateMigrations().Wait();
}
public async Task <List <ActionStep> > PerformDeploymentTask(ILog log, string managedCertificateId, string taskId, bool isPreviewOnly, bool skipDeferredTasks)
{
var steps = new List <ActionStep>();
var managedCert = await GetManagedCertificate(managedCertificateId);
if (managedCert == null)
{
steps.Add(new ActionStep {
HasError = true, Title = "Deployment", Description = "Managed certificate not found. Could not deploy."
});
}
if (log == null)
{
log = ManagedCertificateLog.GetLogger(managedCert.Id, _loggingLevelSwitch);
}
// perform or preview each task
var credentialsManager = new CredentialsManager();
var deploymentTasks = new List <DeploymentTask>();
var taskList = managedCert.DeploymentTasks?.Where(t => string.IsNullOrEmpty(taskId) || taskId == t.Id);
foreach (var taskConfig in taskList)
{
// add task to execution list unless the task is deferred and we are currently skipping deferred tasks
if (!taskConfig.IsDeferred || (taskConfig.IsDeferred && !skipDeferredTasks))
{
try
{
var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders);
Dictionary <string, string> credentials = null;
if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey))
{
credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey);
}
var deploymentTask = new DeploymentTask(provider, taskConfig, credentials);
deploymentTasks.Add(deploymentTask);
}
catch (Exception exp)
{
steps.Add(new ActionStep {
HasError = true, Title = "Deployment Task: " + taskConfig.TaskName, Description = "Cannot create task provider for deployment task: " + exp.ToString()
});
}
}
}
foreach (var task in deploymentTasks)
{
var results = await task.Execute(log, managedCert, isPreviewOnly : isPreviewOnly);
foreach (var r in results)
{
steps.Add(new ActionStep {
HasError = !r.IsSuccess, Description = r.Message
});
}
}
return(steps);
}
