public async Task <(X509Certificate2 cert, byte[] rawCert)> AcquireNewCertificateForHosts(
string hostName,
CsrInfo certificateSigningRequest,
string certificateFriendlyName,
string certificatePassword,
CancellationToken cancellationToken)
{
_logger.LogInformation("Ordering LetsEncrypt certificate for hosts {0}.", new object[] { hostName });
var order = await _acmeContext.NewOrder(new string[] { hostName });
await ValidateOrderAsync(order, cancellationToken);
var certificateBytes = await AcquireCertificateBytesFromOrderAsync(
order,
certificateSigningRequest,
certificateFriendlyName,
certificatePassword,
cancellationToken);
if (certificateBytes == null)
{
throw new InvalidOperationException("The certificate from the order was null.");
}
var certificate = new X509Certificate2(certificateBytes, certificatePassword);
return(certificate, certificateBytes);
}
public async Task <ChallengeOrder> CreateOrder(string domain)
{
_logger.LogInformation("New certificate order for {domain}", domain);
var order = await _acme.NewOrder(new[] { domain });
return(new ChallengeOrder
{
Order = order,
DnsName = domain
});
}
private async Task AcquireNewCertificateForDomains(string[] domains)
{
_logger.LogInformation("Ordering LetsEncrypt certificate for domains {0}.", new object[] { domains });
var order = await acme.NewOrder(domains);
await ValidateOrderAsync(domains, order);
var certificateBytes = await AcquireCertificateBytesFromOrderAsync(order);
if (certificateBytes == null)
{
throw new InvalidOperationException("The certificate from the order was null.");
}
await _persistenceService.PersistSiteCertificateAsync(certificateBytes);
Certificate = new X509Certificate2(certificateBytes, nameof(FluffySpoon));
}
public async Task <PlacedOrder> PlaceOrder(string[] domains)
{
_logger.LogInformation("Ordering LetsEncrypt certificate for domains {0}.", new object[] { domains });
var order = await _acme.NewOrder(domains);
var allAuthorizations = await order.Authorizations();
var challengeContexts = await Task.WhenAll(allAuthorizations.Select(x => x.Http()));
var nonNullChallengeContexts = challengeContexts.Where(x => x != null).ToArray();
var dtos = nonNullChallengeContexts.Select(x => new ChallengeDto
{
Token = x.Type == ChallengeTypes.Dns01 ? _acme.AccountKey.DnsTxt(x.Token) : x.Token,
Response = x.KeyAuthz,
Domains = domains
}).ToArray();
return(new PlacedOrder(dtos, order, nonNullChallengeContexts));
}
private async Task AcquireNewCertificateForDomains(string[] domains)
{
_logger.LogInformation("Ordering LetsEncrypt certificate for domains {0}.", new object[] { domains });
if (domains.Any(x => x.StartsWith(WildcardPrefix)) && !_persistenceService.HasStrategyForChallengeType(ChallengeType.Dns01))
{
throw new InvalidOperationException("A certificate containing a wildcard domain was requested, but no DNS challenge strategies have been registered.");
}
var order = await acme.NewOrder(domains);
await ValidateOrderAsync(domains, order);
var certificateBytes = await AcquireCertificateBytesFromOrderAsync(order);
if (certificateBytes == null)
{
throw new InvalidOperationException("The certificate from the order was null.");
}
await _persistenceService.PersistSiteCertificateAsync(certificateBytes);
Certificate = new X509Certificate2(certificateBytes, nameof(FluffySpoon));
}
