/// <summary>
/// Run the renewal
/// </summary>
/// <param name="execute"></param>
/// <param name="orders"></param>
/// <param name="runLevel"></param>
/// <returns></returns>
private async Task <RenewResult> ExecuteRenewal(ILifetimeScope execute, List <Order> orders, RunLevel runLevel)
{
var result = new RenewResult();
foreach (var order in orders)
{
_log.Verbose("Handle order {n}/{m}: {friendly}",
orders.IndexOf(order) + 1,
orders.Count,
order.FriendlyNamePart ?? "Main");
// Create the order details
var orderManager = execute.Resolve <OrderManager>();
order.Details = await orderManager.GetOrCreate(order, runLevel);
// Create the execution context
var context = new ExecutionContext(execute, order, runLevel, result);
// Authorize the order (validation)
await _validator.AuthorizeOrder(context, runLevel);
if (context.Result.Success)
{
// Execute final steps (CSR, store, install)
await ExecuteOrder(context);
}
}
return(result);
}
private async Task <CertificateInfo?> GetFromServer(ExecutionContext context, RunLevel runLevel)
{
// Place the order
var orderManager = context.Scope.Resolve <OrderManager>();
context.Order.Details = await orderManager.GetOrCreate(context.Order, runLevel);
// Run validations
await _validator.AuthorizeOrder(context, runLevel);
if (!context.Result.Success)
{
return(null);
}
// Generate the CSR
var csrPlugin = context.Target.CsrBytes == null?context.Scope.Resolve <ICsrPlugin>() : null;
if (csrPlugin != null)
{
var(disabled, disabledReason) = csrPlugin.Disabled;
if (disabled)
{
context.Result.AddErrorMessage($"CSR plugin is not available. {disabledReason}");
return(null);
}
}
// Request the certificate
var certificateService = context.Scope.Resolve <ICertificateService>();
return(await certificateService.RequestCertificate(csrPlugin, context.RunLevel, context.Order));
}
private async Task <CertificateInfo?> GetFromServer(ExecutionContext context, RunLevel runLevel)
{
// Place the order
var certificateService = context.Scope.Resolve <ICertificateService>();
var orderManager = context.Scope.Resolve <OrderManager>();
context.Order.KeyPath = context.Order.Renewal.CsrPluginOptions?.ReusePrivateKey == true
? certificateService.ReuseKeyPath(context.Order) : null;
context.Order.Details = await orderManager.GetOrCreate(context.Order, runLevel);
// Sanity checks
if (context.Order.Details == null)
{
context.Result.AddErrorMessage($"Unable to create order");
return(null);
}
if (context.Order.Details.Payload.Status == AcmeClient.OrderInvalid)
{
context.Result.AddErrorMessage($"Created order was invalid");
return(null);
}
// Generate the CSR plugin
var csrPlugin = context.Target.CsrBytes == null?context.Scope.Resolve <ICsrPlugin>() : null;
if (csrPlugin != null)
{
var(disabled, disabledReason) = csrPlugin.Disabled;
if (disabled)
{
context.Result.AddErrorMessage($"CSR plugin is not available. {disabledReason}");
return(null);
}
}
// Run validations
var orderValid =
context.Order.Details.Payload.Status == AcmeClient.OrderValid ||
context.Order.Details.Payload.Status == AcmeClient.OrderReady;
if (!orderValid || runLevel.HasFlag(RunLevel.Test) || runLevel.HasFlag(RunLevel.IgnoreCache))
{
await _validator.AuthorizeOrder(context, orderValid);
if (!context.Result.Success)
{
return(null);
}
}
// Request the certificate
return(await certificateService.RequestCertificate(csrPlugin, context.RunLevel, context.Order));
}