private async Task PersistCertificateAsync(CertificateType persistenceType, IPersistableCertificate certificate,
IEnumerable <ICertificatePersistenceStrategy> strategies)
{
_logger.LogTrace("Persisting {type} certificate through strategies", persistenceType);
var tasks = strategies.Select(x => x.PersistAsync(persistenceType, certificate));
await Task.WhenAll(tasks);
}
public Task PersistAsync(CertificateType persistenceType, IPersistableCertificate certificate)
{
lock (typeof(FileCertificatePersistenceStrategy))
{
File.WriteAllBytes(
GetCertificatePath(persistenceType),
certificate.RawData);
}
return(Task.CompletedTask);
}
public Task PersistAsync(CertificateType persistenceType, IPersistableCertificate certificate)
{
switch (persistenceType)
{
case CertificateType.Account:
_accountCertificate = (IKeyCertificate)certificate;
break;
case CertificateType.Site:
_siteCertificate = certificate;
break;
default:
throw new ArgumentException("Unhandled persistence type", nameof(persistenceType));
}
return(Task.CompletedTask);
}
public async Task PersistAsync(CertificateType persistenceType, IPersistableCertificate certificate)
{
if (certificate.RawData.Length == 0)
{
_logger.LogWarning("Tried to persist empty certificate.");
return;
}
if (persistenceType != CertificateType.Site)
{
_logger.LogTrace("Skipping certificate persistence because a certificate of type {CertificateType} can't be persisted in Azure.", persistenceType);
return;
}
var domains = _letsEncryptOptions.Domains.ToArray();
_logger.LogInformation("Creating new Azure certificate of type {CertificateType} and domains {DomainNames}.", persistenceType, String.Join(", ", domains));
var apps = await _client.WebApps.ListByResourceGroupAsync(_azureOptions.ResourceGroupName);
var relevantApps = new HashSet <AzureAppInstance>();
foreach (var app in apps)
{
_logger.LogTrace("Checking hostnames of app {AppName} (AppHostNames: {HostNames}) against domains {DomainNames}.", app.Name, app.HostNames, String.Join(", ", domains));
if (DoDomainsMatch(app.HostNames, domains))
{
_logger.LogTrace("App {AppName} matches a domain", app.Name);
relevantApps.Add(new AzureAppInstance(app));
}
if (app.DeploymentSlots != null)
{
var slots = await app.DeploymentSlots.ListAsync();
foreach (var slot in slots)
{
_logger.LogTrace(
"Checking hostnames of app {AppName}/slot {slot} (AppHostNames: {HostNames}) against domains {Domains}.",
app.Name, slot.Name,
slot.HostNames, String.Join(", ", domains));
if (DoDomainsMatch(slot.HostNames, domains))
{
_logger.LogTrace("App {AppName}/slot {slot} matches a domain", app.Name, slot.Name);
relevantApps.Add(new AzureAppInstance(app, slot));
}
}
}
}
if (!relevantApps.Any())
{
throw new InvalidOperationException(
$"Could not find an app that has a hostname created for domains {String.Join(", ", domains)}.");
}
var regionName = relevantApps.FirstOrDefault()?.RegionName;
_logger.LogInformation("Found region name to use to use for new certificate: {RegionName}", regionName);
IAppServiceCertificate newCertificate = await CreateOrUpdateCertificateAsync(certificate.RawData, regionName);
foreach (var appTuple in relevantApps)
{
await UpdateAppBindingsAsync(appTuple, newCertificate, domains);
}
await DeleteOldCertificatesAsync(newCertificate);
}
public Task PersistAsync(CertificateType persistenceType, IPersistableCertificate certificate)
{
return(persistAsync(persistenceType, certificate.RawData));
}
public async Task PersistSiteCertificateAsync(IPersistableCertificate certificate)
{
await PersistCertificateAsync(CertificateType.Site, certificate, _certificatePersistenceStrategies);
_logger.LogInformation("Certificate persisted for later use.");
}
