Esempio n. 1
0
        public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig)
        {
            var credentialsManager = new CredentialsManager();
            var provider           = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders);

            Dictionary <string, string> credentials = null;

            if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey))
            {
                credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey);
            }

            try
            {
                var validationResult = await provider.Validate(managedCertificate, taskConfig, credentials, provider.GetDefinition());

                return(validationResult);
            }
            catch (Exception exp)
            {
                return(new List <ActionResult> {
                    new ActionResult("Failed to validate task: " + exp.ToString(), false)
                });
            }
        }
Esempio n. 2
0
        public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig)
        {
            var credentialsManager = new CredentialsManager();
            var provider           = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders);

            Dictionary <string, string> credentials = null;

            if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey))
            {
                credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey);
            }

            return(await provider.Validate(managedCertificate, taskConfig, credentials, provider.GetDefinition()));
        }
Esempio n. 3
0
        public CertifyManager(bool useWindowsNativeFeatures = true)
        {
            _useWindowsNativeFeatures = useWindowsNativeFeatures;

            _serverConfig = SharedUtils.ServiceConfigManager.GetAppServiceConfig();

            SettingsManager.LoadAppSettings();

            InitLogging(_serverConfig);

            Util.SetSupportedTLSVersions();
            try
            {
                _itemManager = new ItemManager(null, _serviceLog);

                if (!_itemManager.IsInitialised())
                {
                    _serviceLog.Error($"Item Manager failed to initialise properly. Check service logs for more information.");
                }
            }
            catch (Exception exp)
            {
                _serviceLog.Error($"Failed to open or upgrade the managed items database. Check service has required file access permissions. :: {exp}");
            }

            _credentialsManager = new CredentialsManager(useWindowsNativeFeatures);
            _serverProvider     = (ICertifiedServer) new ServerProviderIIS(_serviceLog);

            _progressResults = new ObservableCollection <RequestProgressState>();

            _pluginManager = new PluginManager();
            _pluginManager.EnableExternalPlugins = CoreAppSettings.Current.IncludeExternalPlugins;
            _pluginManager.LoadPlugins(new List <string> {
                "Licensing", "DashboardClient", "DeploymentTasks", "CertificateManagers", "DnsProviders"
            });

            _migrationManager = new MigrationManager(_itemManager, _credentialsManager, _serverProvider);

            LoadCertificateAuthorities();


            // init remaining utilities and optionally enable telematics
            _challengeDiagnostics = new ChallengeDiagnostics(CoreAppSettings.Current.EnableValidationProxyAPI);

            if (CoreAppSettings.Current.EnableAppTelematics)
            {
                _tc = new Util().InitTelemetry(Locales.ConfigResources.AIInstrumentationKey);
            }

            _httpChallengePort = _serverConfig.HttpChallengeServerPort;
            _httpChallengeServerClient.Timeout = new TimeSpan(0, 0, 20);

            if (_tc != null)
            {
                _tc.TrackEvent("ServiceStarted");
            }

            _serviceLog?.Information("Certify Manager Started");

            try
            {
                PerformAccountUpgrades().Wait();
            }
            catch (Exception exp)
            {
                _serviceLog.Error($"Failed to perform ACME account upgrades. :: {exp}");
            }

            PerformManagedCertificateMigrations().Wait();
        }
Esempio n. 4
0
        public CertifyManager()
        {
            var serverConfig = SharedUtils.ServiceConfigManager.GetAppServiceConfig();

            SettingsManager.LoadAppSettings();

            InitLogging(serverConfig);

            Util.SetSupportedTLSVersions();

            _itemManager        = new ItemManager();
            _credentialsManager = new CredentialsManager();
            _serverProvider     = (ICertifiedServer) new ServerProviderIIS();

            _progressResults = new ObservableCollection <RequestProgressState>();

            _pluginManager = new PluginManager();
            _pluginManager.LoadPlugins(new List <string> {
                "Licensing", "DashboardClient", "DeploymentTasks", "CertificateManagers"
            });


            // load core CAs and custom CAs
            foreach (var ca in CertificateAuthority.CoreCertificateAuthorities)
            {
                _certificateAuthorities.TryAdd(ca.Id, ca);
            }

            try
            {
                var customCAs = SettingsManager.GetCustomCertificateAuthorities();

                foreach (var ca in customCAs)
                {
                    _certificateAuthorities.TryAdd(ca.Id, ca);
                }
            }
            catch (Exception exp)
            {
                // failed to load custom CAs
                _serviceLog.Error(exp.Message);
            }


            // init remaining utilities and optionally enable telematics
            _challengeDiagnostics = new ChallengeDiagnostics(CoreAppSettings.Current.EnableValidationProxyAPI);

            if (CoreAppSettings.Current.EnableAppTelematics)
            {
                _tc = new Util().InitTelemetry();
            }

            _httpChallengePort = serverConfig.HttpChallengeServerPort;
            _httpChallengeServerClient.Timeout = new TimeSpan(0, 0, 20);

            if (_tc != null)
            {
                _tc.TrackEvent("ServiceStarted");
            }

            _serviceLog?.Information("Certify Manager Started");

            PerformAccountUpgrades().Wait();

            PerformManagedCertificateMigrations().Wait();
        }
Esempio n. 5
0
        public async Task <List <ActionStep> > PerformDeploymentTask(ILog log, string managedCertificateId, string taskId, bool isPreviewOnly, bool skipDeferredTasks)
        {
            var steps = new List <ActionStep>();

            var managedCert = await GetManagedCertificate(managedCertificateId);

            if (managedCert == null)
            {
                steps.Add(new ActionStep {
                    HasError = true, Title = "Deployment", Description = "Managed certificate not found. Could not deploy."
                });
            }

            if (log == null)
            {
                log = ManagedCertificateLog.GetLogger(managedCert.Id, _loggingLevelSwitch);
            }

            // perform or preview each task
            var credentialsManager = new CredentialsManager();

            var deploymentTasks = new List <DeploymentTask>();

            var taskList = managedCert.DeploymentTasks?.Where(t => string.IsNullOrEmpty(taskId) || taskId == t.Id);

            foreach (var taskConfig in taskList)
            {
                // add task to execution list unless the task is deferred and we are currently skipping deferred tasks

                if (!taskConfig.IsDeferred || (taskConfig.IsDeferred && !skipDeferredTasks))
                {
                    try
                    {
                        var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders);

                        Dictionary <string, string> credentials = null;

                        if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey))
                        {
                            credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey);
                        }

                        var deploymentTask = new DeploymentTask(provider, taskConfig, credentials);

                        deploymentTasks.Add(deploymentTask);
                    }
                    catch (Exception exp)
                    {
                        steps.Add(new ActionStep {
                            HasError = true, Title = "Deployment Task: " + taskConfig.TaskName, Description = "Cannot create task provider for deployment task: " + exp.ToString()
                        });
                    }
                }
            }

            foreach (var task in deploymentTasks)
            {
                var results = await task.Execute(log, managedCert, isPreviewOnly : isPreviewOnly);

                foreach (var r in results)
                {
                    steps.Add(new ActionStep {
                        HasError = !r.IsSuccess, Description = r.Message
                    });
                }
            }

            return(steps);
        }