示例#1
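        /// <summary>
        /// Removes a certificate from the LocalMachine "My" store, looked up by the serial number of
        /// <paramref name="certificate"/>, and then calls <c>RemoveBinding(certificate, website)</c>.
        /// </summary>
        /// <param name="certificate">Certificate descriptor; only <c>SerialNumber</c> is read in this method.</param>
        /// <param name="website">Site handed on to <c>RemoveBinding</c>.</param>
        /// <returns>
        /// A result with <c>IsSuccess</c> set to true when every step completed. On any exception
        /// <c>IsSuccess</c> is false and the exception is attached through <c>AddError</c>.
        /// </returns>
        public ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
        {
            ResultObject result = new ResultObject();

            try
            {
                X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

                try
                {
                    store.Open(OpenFlags.MaxAllowed);

                    // Only the first match is removed. Indexing [0] throws when nothing matches,
                    // which the outer catch reports as a failed result.
                    // NOTE(review): a serial number is unique per issuer only, so this lookup can
                    // select a certificate from a different issuer; matching on thumbprint would
                    // identify exactly one certificate. Confirm against what SSLCertificate carries.
                    X509Certificate2 cert =
                        store.Certificates.Find(X509FindType.FindBySerialNumber, certificate.SerialNumber, false)[0];
                    store.Remove(cert);
                }
                finally
                {
                    // Release the store handle even when the lookup or the removal throws;
                    // previously Close() was skipped on every failure path.
                    store.Close();
                }

                RemoveBinding(certificate, website);

                result.IsSuccess = true;
            }
            catch (Exception ex)
            {
                result.IsSuccess = false;
                result.AddError("", ex);
            }
            return(result);
        }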
示例#2
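        /// <summary>
        /// Removes every https binding from the site named <c>website.Name</c> and commits the change.
        /// </summary>
        /// <remarks>
        /// This version removes bindings only: no certificate is deleted from a certificate store or
        /// from disk, so the certificate and its private key stay on the server after a successful call.
        /// The old implementation (IIS70) removed a single binding and the first certificate that
        /// matched via serial number.
        /// </remarks>
        /// <param name="certificate">When null the method returns a successful result without touching the site.</param>
        /// <param name="website">Site whose https bindings are removed; only <c>Name</c> is read.</param>
        /// <returns>
        /// A result with <c>IsSuccess</c> true unless an exception occurred, in which case the
        /// exception is logged and attached through <c>AddError</c>.
        /// </returns>
        public new ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
        {
            var result = new ResultObject {
                IsSuccess = true
            };

            if (certificate == null)
            {
                return(result);
            }

            try
            {
                // Use the server manager to find all SSL bindings on this website and remove them.
                using (var srvman = GetServerManager())
                {
                    var site     = srvman.Sites[website.Name];
                    var bindings = site.Bindings.Where(b => b.Protocol == "https");

                    // ToList() snapshots the matches so the collection can be modified while iterating.
                    foreach (Binding binding in bindings.ToList())
                    {
                        // Remove binding from site
                        site.Bindings.Remove(binding);
                    }

                    srvman.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                // A null website is one way to arrive here; dereferencing it again would throw out
                // of the handler and the caller would never receive the failed result.
                var siteName = website != null ? website.Name : null;
                Log.WriteError(String.Format("Unable to delete certificate for website {0}", siteName), ex);
                result.IsSuccess = false;
                result.AddError("", ex);
            }

            return(result);
        }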
示例#3
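        /// <summary>
        /// Removes every https binding from the site named <c>website.Name</c> and deletes the
        /// certificates those bindings used: the Central Certificate Store file for CCS bindings,
        /// otherwise every certificate with the binding's thumbprint in the binding's LocalMachine store.
        /// </summary>
        /// <remarks>
        /// The old implementation (IIS70) removed a single binding and the first certificate that
        /// matched via serial number.
        /// </remarks>
        /// <param name="certificate">When null the method returns a successful result without touching the site; otherwise <c>Hostname</c> is read for the CCS path.</param>
        /// <param name="website">Site whose https bindings are removed; only <c>Name</c> is read.</param>
        /// <returns>
        /// A result with <c>IsSuccess</c> true unless an exception occurred, in which case the
        /// exception is logged and attached through <c>AddError</c>.
        /// </returns>
        public new ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
        {
            var result = new ResultObject {
                IsSuccess = true
            };

            if (certificate == null)
            {
                return(result);
            }

            try
            {
                // (store name, thumbprint as hex) pairs to delete once the bindings are gone.
                // The thumbprint is kept as a string: a Tuple holding byte[] compares the arrays by
                // reference, so the duplicate check below never matched two equal hashes.
                var certificatesAndStoreNames = new List<Tuple<string, string>>();

                // Use the server manager to find all SSL bindings on this website and try to remove the certificates used
                using (var srvman = GetServerManager())
                {
                    var site     = srvman.Sites[website.Name];
                    var bindings = site.Bindings.Where(b => b.Protocol == "https");

                    // ToList() snapshots the matches so the collection can be modified while iterating.
                    foreach (Binding binding in bindings.ToList())
                    {
                        if (binding.SslFlags.HasFlag(SslFlags.CentralCertStore))
                        {
                            if (!string.IsNullOrWhiteSpace(CCSUncPath) && Directory.Exists(CCSUncPath))
                            {
                                // NOTE(review): GetCCSPath is not visible here. Both names below end up
                                // in a path handed to File.Delete, so confirm it rejects host names that
                                // contain path separators or "..".
                                // NOTE(review): these files are deleted before CommitChanges(); if the
                                // commit fails the bindings remain but their certificate files are gone.

                                // This is where it will be if CCS is used
                                var path = GetCCSPath(certificate.Hostname);
                                if (File.Exists(path))
                                {
                                    File.Delete(path);
                                }

                                // If binding with hostname, also try to delete with the hostname in the binding
                                // This is because if SNI is used, several bindings are created for every valid name in the certificate, but only one name exists in the SSLCertificate
                                if (!string.IsNullOrEmpty(binding.Host))
                                {
                                    path = GetCCSPath(binding.Host);
                                    if (File.Exists(path))
                                    {
                                        File.Delete(path);
                                    }
                                }
                            }
                        }
                        else
                        {
                            var hash = binding.CertificateHash;

                            // A binding without a hash has nothing to look up; skipping it also keeps
                            // BitConverter.ToString from throwing on null after the commit.
                            if (!string.IsNullOrEmpty(binding.CertificateStoreName) && hash != null && hash.Length > 0)
                            {
                                var certificateAndStoreName = new Tuple<string, string>(
                                    binding.CertificateStoreName,
                                    BitConverter.ToString(hash).Replace("-", ""));

                                if (!certificatesAndStoreNames.Contains(certificateAndStoreName))
                                {
                                    certificatesAndStoreNames.Add(certificateAndStoreName);
                                }
                            }
                        }

                        // Remove binding from site
                        site.Bindings.Remove(binding);
                    }

                    srvman.CommitChanges();

                    foreach (var certificateAndStoreName in certificatesAndStoreNames)
                    {
                        // Delete all certs with the same thumbprint in the store.
                        // NOTE(review): nothing visible here checks whether another site still binds
                        // this thumbprint (a shared or wildcard certificate); removing it would break
                        // that site's TLS. Confirm with the callers.
                        var store = new X509Store(certificateAndStoreName.Item1, StoreLocation.LocalMachine);

                        try
                        {
                            store.Open(OpenFlags.MaxAllowed);

                            var certs = store.Certificates.Find(X509FindType.FindByThumbprint, certificateAndStoreName.Item2, false);
                            foreach (var cert in certs)
                            {
                                store.Remove(cert);
                            }
                        }
                        finally
                        {
                            // Release the store handle even when the lookup or a removal throws.
                            store.Close();
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                // A null website is one way to arrive here; dereferencing it again would throw out
                // of the handler and the caller would never receive the failed result.
                var siteName = website != null ? website.Name : null;
                Log.WriteError(String.Format("Unable to delete certificate for website {0}", siteName), ex);
                result.IsSuccess = false;
                result.AddError("", ex);
            }

            return(result);
        }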