public void ProcessPFXTest()
{
var pfxName = Environment.GetEnvironmentVariable("TEMP") + "\\test_tmp.pfx";
var pfxPwd = "test";
var testPfx = "MIII4QIBAzCCCKcGCSqGSIb3DQEHAaCCCJgEggiUMIIIkDCCA0cGCSqGSIb3DQEHBqCCAzgwggM0AgEAMIIDLQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIA8LIxLUYVCsCAggAgIIDAMjaS/s4uR/FK7lYpSBe3QamT5HUbXWiKgxRlM1NbuGpICN9JIFuejxKmumBkEoFF/Jg+5XKZGAKKdiVG72kWwsY6D8T3WUcN8If9s2HacSBbsyeZ712OoOnh9vyyqu0TtQ5Z8BOPzO2tJImd05j4hZ3t/EO35vmeMdOM5BA6SS9TJ11E2cZuc2ARQlfIquW9yrQW+FmwFuVG6aqNXZA9c4YjQHn1xifuZ8HFZsSQpuG5KZQzOTUEivMtn7Ct7UK9MAlK7nQblxtpW5iYGpWxsrfh0GXp7+8olOY3dm8iHqwyoPoXEOVjnZPxOEn2dg9oJT3TOvcO85jwM3CkeyvPkzJeStqz2n1xFipETr7WRDekK0j7Z4qDmP6VZA0B3C4+91Occ0kKJDPtsHAUTMpkyhMTZEXCbFT1R8gfiOhFeWLzd4cOsTiUSpXSk9oG68kJ3uEaP0uXUH9eNVRXeHthGlxbl71AxkeOJa4nP8Fot5ZLaXYg8CWQ4NnC4YITBMdoBiiYKNwsPCJBiEueiuEB5puO/NS+ZOO346COxtalX8a1PKShFNw3bCvaHg54jIMsrPNy0K6mpas/h4u8iBgt8whk/AGDvTDjnyI8+rDfG+DROft2cDDJJx6cCxBOMtT2PDxx3Gb51eyjVhC5iWLTX3kUXfXrBUy+LlvZR43xCZHvAF5QEbTXbrCi5xoLoBim99k2mt56IoYYuBoPhQROzg/UIoohFGOrCKE6fz/VOlftElLDwgyNoLIdrHZv/H+FxYcE8L4UmZptMRa/QCiaNTL/j7jebBA2sgFu1GJeV5tfNP4qXfgmkzKFppb33adHdbF/wmQba4cS+Yxav4EE5pCCeIX0Bimrbfrp+ygUxgKtYZXiu9wmYDrgaHuFWxPjm+vZym1+SR9V3P0sv0zC8OE1rMzvMknBY7HLhyhf3zMItMMQDRabR/IfjMLCw8RjFKxWjgRGjVrT3R2Z9LdolbFV6usttvisLDWeEZiuIIPxQ2DHWfDQYf2mHY6cxnw3jCCBUEGCSqGSIb3DQEHAaCCBTIEggUuMIIFKjCCBSYGCyqGSIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAjpUIitGHGxFQICCAAEggTItZnpR7lMzolKkmZWdF4J8rKn7nkXXKOCicCxvt2sbRuMdH7mEH7S5uM7NAYHk0bXdHe7qGHVnfuM1HNiaEqLkOp2fRPMsHisSaakObIwmocVy7rLswNLkChV6feBpncAz8LJQDXdTy69N89olpzEJiV9AI8wRSZeiJmTQJ+d+ulGIYgT/JyPFOcA7XfHnt7wvBuG0rD/AlTfQy6HW26S6Ig+OXOKNh1QCs8IaQCyFVIv4A/jxWnRQTVnf/0+I9rBN8uOpME+7IhaAAYfz13POyix9ALrBfxEOdWDDYx1U+51/L7LbMg+nCjlzwCpbqd08VPqsKXLu7K8sZJbwMRxORsLsRvdaYK392d5GyDyLmi01gYtyfCWOB/nnzZb+XHKlryTO0nl0THqV8p3PQW61kvsoRCa8COY88Gbj0Y2LstQm7ClSxXI9F9D7RRkVsA/rzUKtOMgBIQP6MyZTo4e8vgrxn1Mg/yoz/JcN+DkX1vfPl2gIq4sBP50Yx+ceLKXrjSNNqCOoQ98egtioSoRP5G9yWIiyHqjZICg5t6ftVvUYoqkEcgg4rrE1UUNTQ5bL7w2Tg7J8V1H9apKyUSybdsxoVUlHO54BchhihPvXkB8qtCx4PSeNOZF1EiZT4z7IeKLr9Kj9AYFDaN/Gli6akBJENC3sl1+fQxXc3sPYfzkCWyrCzRd2tdxWAcdqgBBOXxkm2kzQtaDj7J7N5xoMHpeqltpXdv49L04rXsjin+FhB4FNWrf9xYNAXn2vjpjCUg2CcIO+PzoIFr5avsv99dq9LLYemw1P3CnKOe5TWsWWJdDTCXsviOFssiqv6l3OdjIirwxm96sX2Z1AayvLBpGCvn2JoJkOzSE9rO9g3ramuGOi1cjwHrIGNr/G3wZn9ft4wJXpBRUcxL/xK73ZpIRga2rSrG5Se3RELy898kCYnCNNa6zcfd5/eV8d1+5WMCMW9uRh7mpVbHVND1TVcruZeXToyjNb6q9UjRIhgWUlLWCCFMbX5Md41c/RqvTuN+CvcXMzOmrjfaQk81JK0csvT121CWJtd+QSkUSgyhAYzCj7MQMurtUKJx1EZ2fXFsVo0K0mjzcwU38wKqAZfn2hkTWcp5NyATO9nJ71z1PiBY/XAQsbv3eApf4WRQTwogq8XXpbx7Hm61TseJUfilTBlMlKj5CHmZrDFhBAIzIVixzydTwHGNsoqJ+/tnkaUWyAA2+C7kvMjtat5Mj/WavT/cYP7nmm/CTETCsXazmnQFXFI0egHPx88Icf9XgW27tBsgBMb4+KJRjvlnqjztNqzs5Eh52/dXupWmgS9q0Y8IcmHbFDjpfOXz9vB24/HhBe6U2kzn4WIHq6FbZZikjoHKX2V/I1QNDpZQj5ZI6w+pdoLHokHdz9K5PD3oZIf12Y/1RxzGVPNkCfvzO94eWmGaPmbE5mmRWEcYIbT5FvL0NZyAxztlHABxGbUDiOG/qNR1h7q1UiEhVv/CIZauij+8USbG7wFtuVxo5/enPdld9E32XSLCv+TjByfbxPiHkoCw8XkSbtyBq/0KtdiJ7CX2JtK74P5Jw/i/cshMdTX6V/r439g8YESV5XTCU7kLJMzI3iSBg6/5PoC+Ckho5xpcPSBmGMSUwIwYJKoZIhvcNAQkVMRYEFNPHWcwMABpZYlB+Bl74m8ceTJwmMDEwITAJBgUrDgMCGgUABBRIYzYkD++kAMXAxtTQ9+DDCK9LKAQIAK8dKmYIyIICAggA";
byte[] data = Convert.FromBase64String(testPfx);
File.WriteAllBytes(pfxName, data);
AuthenticatedPFX aPfx = new AuthenticatedPFX(pfxName, pfxPwd);
CertificateStorageManager certMgr = new CertificateStorageManager(aPfx, true);
try {
certMgr.ProcessPFX();
} catch (Exception e) {
Console.WriteLine(e);
Assert.Fail();
}
}
/// <summary>
/// Generate a certificate request
/// </summary>
/// <param name="certificatename"></param>
/// <param name="mainhost">Main host: www.google.com</param>
/// <param name="certificatePath">Path to store the generated certificates</param>
/// <param name="alternatehosts">Alterante hosts: list of alterante hosts for this certificate</param>
/// <returns></returns>
public CertificatePaths DownloadCertificate(
string certificatename,
string mainhost,
string certificatePath,
List <string> alternatehosts = null)
{
if (this.OrderContext == null)
{
throw new Exception("Do not call RetrieveCertificate before RegisterNewOrderAndVerify");
}
// Let's generate a new key (RSA is good enough IMHO)
IKey certKey = KeyFactory.NewKey(KeyAlgorithm.RS256);
// Then let's generate the CSR
var csr = this.OrderContext.CreateCsr(certKey).Result;
csr.AddName("CN", mainhost);
if (alternatehosts != null)
{
csr.SubjectAlternativeNames = alternatehosts;
}
// and finalize the ACME order
var finalOrder = this.OrderContext.Finalize(csr.Generate()).Result;
// Now we can fetch the certificate
CertificateChain cert = this.OrderContext.Download().Result;
// We build the PFX/PKCS#12 and the cert/key as PEM
var pfx = cert.ToPfx(certKey);
var cer = cert.ToPem();
var key = certKey.ToPem();
// pfx.AddIssuers(this.GetCACertChainFromStore()); Remote certificate already has information
var fileName = Path.Combine(certificatePath, Guid.NewGuid().ToString());
var pfxName = fileName + ".pfx";
var cerPath = fileName + ".cer";
var keyPath = fileName + ".key";
var authenticatedPfx = new AuthenticatedPFX(pfxName, cerPath, keyPath);
var pfxBytes = pfx.Build(certificatename, authenticatedPfx.PfxPassword);
// We write the PFX/PKCS#12 to file
File.WriteAllBytes(pfxName, pfxBytes);
this.Logger.LogInfo(true, $"Retrieved certificate from the CA. The certificate is in {pfxName}");
// We write the PEMs to corresponding files
File.WriteAllText(cerPath, cer);
File.WriteAllText(keyPath, key);
return(new CertificatePaths()
{
chainPemFile = string.Empty,
crtDerFile = string.Empty,
crtPemFile = cerPath,
csrGenFile = string.Empty,
csrPemFile = string.Empty,
keyGenFile = string.Empty,
keyPemFile = keyPath,
name = certificatename,
pfxPemFile = pfxName
});
}
