コード例 #1
0
ファイル: SSLModuleService.cs プロジェクト: pasamsin/SolidCP
        public ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
        {
            ResultObject result = new ResultObject();

            try
            {
                X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

                store.Open(OpenFlags.MaxAllowed);

                X509Certificate2 cert =
                    store.Certificates.Find(X509FindType.FindBySerialNumber, certificate.SerialNumber, false)[0];
                store.Remove(cert);

                store.Close();
                RemoveBinding(certificate, website);

                result.IsSuccess = true;
            }
            catch (Exception ex)
            {
                result.IsSuccess = false;
                result.AddError("", ex);
            }
            return(result);
        }
コード例 #2
0
        public new ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
        {
            // This method removes all https bindings and all certificates associated with them.
            // Old implementation (IIS70) removed a single binding (there could not be more than one) and the first certificate that matched via serial number
            var result = new ResultObject {
                IsSuccess = true
            };

            if (certificate == null)
            {
                return(result);
            }

            try
            {
                //var certificatesAndStoreNames = new List<Tuple<string, byte[]>>();

                // User servermanager to get aLL SSL-bindings on this website and try to remove the certificates used
                using (var srvman = GetServerManager())
                {
                    var site     = srvman.Sites[website.Name];
                    var bindings = site.Bindings.Where(b => b.Protocol == "https");

                    foreach (Binding binding in bindings.ToList())
                    {
                        // Remove binding from site
                        site.Bindings.Remove(binding);
                    }

                    srvman.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                Log.WriteError(String.Format("Unable to delete certificate for website {0}", website.Name), ex);
                result.IsSuccess = false;
                result.AddError("", ex);
            }

            return(result);
        }
コード例 #3
0
        public new ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
        {
            // This method removes all https bindings and all certificates associated with them.
            // Old implementation (IIS70) removed a single binding (there could not be more than one) and the first certificate that matched via serial number
            var result = new ResultObject {
                IsSuccess = true
            };

            if (certificate == null)
            {
                return(result);
            }

            try
            {
                var certificatesAndStoreNames = new List <Tuple <string, byte[]> >();

                // User servermanager to get aLL SSL-bindings on this website and try to remove the certificates used
                using (var srvman = GetServerManager())
                {
                    var site     = srvman.Sites[website.Name];
                    var bindings = site.Bindings.Where(b => b.Protocol == "https");

                    foreach (Binding binding in bindings.ToList())
                    {
                        if (binding.SslFlags.HasFlag(SslFlags.CentralCertStore))
                        {
                            if (!string.IsNullOrWhiteSpace(CCSUncPath) && Directory.Exists(CCSUncPath))
                            {
                                // This is where it will be if CCS is used
                                var path = GetCCSPath(certificate.Hostname);
                                if (File.Exists(path))
                                {
                                    File.Delete(path);
                                }

                                // If binding with hostname, also try to delete with the hostname in the binding
                                // This is because if SNI is used, several bindings are created for every valid name in the cerificate, but only one name exists in the SSLCertificate
                                if (!string.IsNullOrEmpty(binding.Host))
                                {
                                    path = GetCCSPath(binding.Host);
                                    if (File.Exists(path))
                                    {
                                        File.Delete(path);
                                    }
                                }
                            }
                        }
                        else
                        {
                            var certificateAndStoreName = new Tuple <string, byte[]>(binding.CertificateStoreName, binding.CertificateHash);

                            if (!string.IsNullOrEmpty(binding.CertificateStoreName) && !certificatesAndStoreNames.Contains(certificateAndStoreName))
                            {
                                certificatesAndStoreNames.Add(certificateAndStoreName);
                            }
                        }

                        // Remove binding from site
                        site.Bindings.Remove(binding);
                    }

                    srvman.CommitChanges();

                    foreach (var certificateAndStoreName in certificatesAndStoreNames)
                    {
                        // Delete all certs with the same serialnumber in Store
                        var store = new X509Store(certificateAndStoreName.Item1, StoreLocation.LocalMachine);
                        store.Open(OpenFlags.MaxAllowed);

                        var certs = store.Certificates.Find(X509FindType.FindByThumbprint, BitConverter.ToString(certificateAndStoreName.Item2).Replace("-", ""), false);
                        foreach (var cert in certs)
                        {
                            store.Remove(cert);
                        }

                        store.Close();
                    }
                }
            }
            catch (Exception ex)
            {
                Log.WriteError(String.Format("Unable to delete certificate for website {0}", website.Name), ex);
                result.IsSuccess = false;
                result.AddError("", ex);
            }

            return(result);
        }