/// <summary>
/// Looks up order details through the ACME client, downloads the certificate for that order,
/// and returns a successful step result.
/// </summary>
/// <param name="log">Not read by this method.</param>
/// <param name="config">Not read by this method.</param>
/// <param name="orderId">Not read by this method; the order lookup is made with an empty string.</param>
/// <param name="pwd">Not read by this method.</param>
/// <returns>A <c>ProcessStepResult</c> with <c>IsSuccess</c> set to <c>true</c>.</returns>
/// <remarks>
/// NOTE(review): as written, a successful result only shows that both client calls returned
/// without throwing. The downloaded certificate is discarded and neither <paramref name="orderId"/>
/// nor <paramref name="pwd"/> influences the outcome, so callers should not read IsSuccess as
/// "a certificate for this order was stored and protected". Confirm whether this is a stub.
/// </remarks>
public async Task<ProcessStepResult> CompleteCertificateRequest(ILog log, CertRequestConfig config, string orderId, string pwd)
{
    var orderDetails = await _client.GetOrderDetailsAsync("");

    // The certificate is fetched but its bytes are not kept.
    await _client.GetOrderCertificateAsync(orderDetails);

    return new ProcessStepResult
    {
        IsSuccess = true
    };
}
/// <summary>
/// Synchronously obtains the certificate bytes for <paramref name="order"/> by handing the
/// client's download call to <c>Retry</c>.
/// </summary>
/// <param name="order">The order whose certificate is requested.</param>
/// <returns>The value produced by <c>Retry</c>.</returns>
/// <remarks>
/// The delegate reads <c>.Result</c> on the value returned by <c>GetOrderCertificateAsync</c>,
/// so the calling thread blocks until the download finishes. If that value is a <c>Task</c>,
/// failures surface wrapped in <c>AggregateException</c>, and blocking can deadlock under a
/// synchronization context. NOTE(review): what <c>Retry</c> retries on is defined elsewhere —
/// confirm it handles the wrapped exception as intended.
/// </remarks>
internal byte[] GetCertificate(OrderDetails order)
    => Retry(() => _client.GetOrderCertificateAsync(order).Result);
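/// <summary>
/// Drives the ACME order held in <c>_state.Order</c> to an issued certificate and loads the
/// result into <c>_state.Certificate</c>.
/// </summary>
/// <remarks>
/// Steps, in order: refresh the order; if it is still pending, generate a key pair and CSR,
/// persist both and finalize the order; poll until <c>Order.Payload.Certificate</c> is non-empty
/// or the configured wait elapses; download the certificate, package it with the private key as
/// PKCS#12, persist that archive and load it.
/// </remarks>
/// <param name="acme">Client used for order refresh, finalization and certificate download.</param>
/// <returns>
/// <c>true</c> when <c>_state.Certificate</c> is set (already, or by this call); <c>false</c> when
/// the order is not in the valid status or the wait for the certificate timed out.
/// </returns>
/// <exception cref="NotSupportedException">
/// <c>_options.CertificateKeyAlgor</c> is neither <c>"rsa"</c> nor <c>"ec"</c>.
/// </exception>
protected async Task<bool> ResolveCertificate(AcmeProtocolClient acme)
{
    if (_state.Certificate != null)
    {
        _logger.LogInformation("Certificate is already resolved");
        return true;
    }

    // Stays null when the order was finalized by an earlier run; the key is then reloaded below.
    CertPrivateKey key = null;

    _logger.LogInformation("Refreshing Order status");
    _state.Order = await acme.GetOrderDetailsAsync(_state.Order.OrderUrl, _state.Order);
    Save(_state.OrderFile, _state.Order);

    if (AcmeState.PendingStatus == _state.Order.Payload.Status)
    {
        _logger.LogInformation("Generating CSR");
        byte[] csr;
        switch (_options.CertificateKeyAlgor)
        {
            case "rsa":
                key = CertHelper.GenerateRsaPrivateKey(
                    _options.CertificateKeySize ?? AcmeOptions.DefaultRsaKeySize);
                csr = CertHelper.GenerateRsaCsr(_options.DnsNames, key);
                break;
            case "ec":
                key = CertHelper.GenerateEcPrivateKey(
                    _options.CertificateKeySize ?? AcmeOptions.DefaultEcKeySize);
                csr = CertHelper.GenerateEcCsr(_options.DnsNames, key);
                break;
            default:
                // A specific exception type; still caught by any existing catch (Exception).
                throw new NotSupportedException("Unknown Certificate Key Algorithm: "
                    + _options.CertificateKeyAlgor);
        }

        // The key is persisted before the order is finalized so a later run can still pair it
        // with the issued certificate.
        // NOTE(review): no passphrase is passed to ExportPrivateKey, so the PEM is presumably
        // unencrypted; confidentiality then rests on wherever Save() writes and on that
        // location's access controls — confirm.
        using (var keyPem = new MemoryStream())
        {
            CertHelper.ExportPrivateKey(key, EncodingFormat.PEM, keyPem);
            keyPem.Position = 0L;
            Save(_state.CertificateKeysFile, keyPem);
        }
        Save(_state.CertificateRequestFile, csr);

        _logger.LogInformation("Finalizing Order");
        _state.Order = await acme.FinalizeOrderAsync(_state.Order.Payload.Finalize, csr);
        Save(_state.OrderFile, _state.Order);
    }

    if (AcmeState.ValidStatus != _state.Order.Payload.Status)
    {
        _logger.LogWarning("Order is NOT VALID");
        return false;
    }

    if (string.IsNullOrEmpty(_state.Order.Payload.Certificate))
    {
        _logger.LogWarning("Order Certificate is NOT READY YET");

        // UTC so the deadline is not shifted by a local-time (DST) change during the wait.
        var deadline = DateTime.UtcNow.AddSeconds(_options.WaitForCertificate);
        while (true)
        {
            _logger.LogInformation("Waiting...");
            // We wait in 5s increments
            await Task.Delay(5000);

            _state.Order = await acme.GetOrderDetailsAsync(_state.Order.OrderUrl, _state.Order);
            Save(_state.OrderFile, _state.Order);

            if (!string.IsNullOrEmpty(_state.Order.Payload.Certificate))
            {
                break;
            }

            // Give up only once the deadline has passed. Testing "now < deadline" here would
            // report a timeout on the first poll and would never stop polling after the deadline.
            if (DateTime.UtcNow >= deadline)
            {
                _logger.LogWarning("Timed Out!");
                return false;
            }
        }
    }

    _logger.LogInformation("Retreiving Certificate");
    var certBytes = await acme.GetOrderCertificateAsync(_state.Order);
    Save(_state.CertificateChainFile, certBytes);

    if (key == null)
    {
        _logger.LogInformation("Loading private key");
        // Dispose the stream once the key is imported so the key file is not left open.
        using (var keyStream = Load<Stream>(_state.CertificateKeysFile).value)
        {
            key = CertHelper.ImportPrivateKey(EncodingFormat.PEM, keyStream);
        }
    }

    using (var crtStream = new MemoryStream(certBytes))
    using (var pfxStream = new MemoryStream())
    {
        _logger.LogInformation("Reading in Certificate chain (PEM)");
        var cert = CertHelper.ImportCertificate(EncodingFormat.PEM, crtStream);

        // NOTE(review): only the single imported certificate goes into the archive, and no
        // password is passed to ExportArchive. Confirm whether intermediates are needed by
        // consumers of the PKCS#12 file and whether the file's storage location is restricted,
        // since it carries the private key.
        _logger.LogInformation("Writing out Certificate archive (PKCS12)");
        CertHelper.ExportArchive(key, new[] { cert }, ArchiveFormat.PKCS12, pfxStream);
        pfxStream.Position = 0L;
        Save(_state.CertificateFile, pfxStream);
    }

    // NOTE(review): no X509KeyStorageFlags are passed, so the platform default key-storage
    // behaviour applies when the archive is loaded — confirm that is acceptable for the host.
    _logger.LogInformation("Loading PKCS12 archive as active certificate");
    _state.Certificate = new X509Certificate2(Load<byte[]>(_state.CertificateFile).value);

    return true;
}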
/// <summary>
/// Asynchronously obtains the certificate bytes for <paramref name="order"/> by handing the
/// client's download call to <c>Retry</c> and awaiting the outcome.
/// </summary>
/// <param name="order">The order whose certificate is requested.</param>
/// <returns>The bytes produced by awaiting <c>Retry</c>.</returns>
internal async Task<byte[]> GetCertificate(OrderDetails order)
{
    // Retry's policy (attempts, delay, which failures it retries) is defined elsewhere.
    var certificate = await Retry(() => _client.GetOrderCertificateAsync(order));
    return certificate;
}