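/// <summary>
/// Removes the certificate whose serial number matches <paramref name="certificate"/> from the
/// LocalMachine\My store and then removes the site's SSL binding via RemoveBinding.
/// </summary>
/// <param name="certificate">Certificate descriptor; only its SerialNumber is read here.</param>
/// <param name="website">Site whose binding is removed; passed through to RemoveBinding.</param>
/// <returns>
/// A ResultObject with IsSuccess set to true when both steps complete. On any failure, including
/// "no matching certificate", IsSuccess is false and the exception is attached.
/// </returns>
public ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
{
    ResultObject result = new ResultObject();

    try
    {
        X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        try
        {
            store.Open(OpenFlags.MaxAllowed);

            // NOTE(review): a serial number is only unique per issuing CA. Taking the first
            // match can select a different certificate from another issuer that happens to
            // share the serial. Matching on thumbprint would identify one exact certificate;
            // confirm whether the caller can supply one.
            X509Certificate2Collection matches = store.Certificates.Find(
                X509FindType.FindBySerialNumber, certificate.SerialNumber, false);

            if (matches.Count == 0)
            {
                // Previously this surfaced as an ArgumentOutOfRangeException from the [0]
                // indexer. The outcome is the same (failure, binding left in place), but the
                // attached error now says what actually went wrong.
                result.IsSuccess = false;
                result.AddError("", new InvalidOperationException(
                    "No certificate with the requested serial number was found in the LocalMachine\\My store."));
                return result;
            }

            store.Remove(matches[0]);
        }
        finally
        {
            // Close the store handle even when Open/Find/Remove throws; the original leaked
            // it on every failure path.
            store.Close();
        }

        // NOTE(review): the certificate is already gone at this point. If RemoveBinding fails,
        // the site keeps a binding that references a certificate no longer in the store.
        RemoveBinding(certificate, website);
        result.IsSuccess = true;
    }
    catch (Exception ex)
    {
        result.IsSuccess = false;
        result.AddError("", ex);
    }

    return result;
}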
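/// <summary>
/// Removes every https binding from the IIS site named by <paramref name="website"/> and commits
/// the change. Hides the base implementation (declared with <c>new</c>).
/// </summary>
/// <remarks>
/// Despite the method name, this variant does not delete any certificate: it never opens a
/// certificate store and never touches certificate files. The certificate (and any private key
/// stored with it) stays installed after the bindings are gone, so clean-up of the key material
/// has to happen elsewhere. The older IIS70 implementation removed a single binding and the first
/// certificate that matched by serial number.
/// </remarks>
/// <param name="certificate">Only checked for null; a null value is treated as "nothing to do".</param>
/// <param name="website">Site whose https bindings are removed; looked up by Name.</param>
/// <returns>
/// A ResultObject with IsSuccess true when the bindings were removed (or certificate was null);
/// otherwise IsSuccess is false and the exception is attached.
/// </returns>
public new ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
{
    var result = new ResultObject { IsSuccess = true };

    if (certificate == null)
    {
        return result;
    }

    try
    {
        // Use the server manager to find all SSL bindings on this website.
        using (var srvman = GetServerManager())
        {
            var site = srvman.Sites[website.Name];
            var bindings = site.Bindings.Where(b => b.Protocol == "https");

            // Materialise first: removing from the collection while enumerating it would fail.
            foreach (Binding binding in bindings.ToList())
            {
                site.Bindings.Remove(binding);
            }

            srvman.CommitChanges();
        }
    }
    catch (Exception ex)
    {
        // A null website is one way to end up here. Dereferencing it again inside the handler
        // would throw out of the catch block and the caller would never get the failed result.
        var siteName = website != null ? website.Name : "(null)";
        Log.WriteError(String.Format("Unable to delete certificate for website {0}", siteName), ex);
        result.IsSuccess = false;
        result.AddError("", ex);
    }

    return result;
}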
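/// <summary>
/// Removes every https binding from the IIS site named by <paramref name="website"/> and deletes
/// the certificates those bindings used. Hides the base implementation (declared with <c>new</c>).
/// </summary>
/// <remarks>
/// For bindings flagged CentralCertStore, the certificate file returned by GetCCSPath is deleted
/// for certificate.Hostname and for the binding's own host name. For all other bindings, the
/// certificate is removed from the LocalMachine store named on the binding, matched by thumbprint.
/// The older IIS70 implementation removed a single binding and the first certificate that matched
/// by serial number.
///
/// NOTE(review): nothing here checks whether another site still uses the same certificate. A
/// shared (for example multi-name) certificate is removed for every site that references it.
/// </remarks>
/// <param name="certificate">Null is treated as "nothing to do"; otherwise only Hostname is read.</param>
/// <param name="website">Site whose https bindings are removed; looked up by Name.</param>
/// <returns>
/// A ResultObject with IsSuccess true when all steps completed (or certificate was null);
/// otherwise IsSuccess is false and the exception is attached.
/// </returns>
public new ResultObject DeleteCertificate(SSLCertificate certificate, WebSite website)
{
    var result = new ResultObject { IsSuccess = true };

    if (certificate == null)
    {
        return result;
    }

    try
    {
        // (store name, thumbprint as hex) pairs to purge after the bindings are committed.
        // The thumbprint is kept as a string so that Contains() compares by value. The original
        // stored the raw byte[] in the tuple, which compares by reference, so the duplicate
        // check never matched.
        var certificatesAndStoreNames = new List<Tuple<string, string>>();

        // Use the server manager to find all SSL bindings on this website and collect the
        // certificates they use.
        using (var srvman = GetServerManager())
        {
            var site = srvman.Sites[website.Name];
            var bindings = site.Bindings.Where(b => b.Protocol == "https");

            // Materialise first: removing from the collection while enumerating it would fail.
            foreach (Binding binding in bindings.ToList())
            {
                if (binding.SslFlags.HasFlag(SslFlags.CentralCertStore))
                {
                    if (!string.IsNullOrWhiteSpace(CCSUncPath) && Directory.Exists(CCSUncPath))
                    {
                        // NOTE(review): GetCCSPath is not visible here. Confirm it rejects host
                        // names containing path separators or "..", so that the deletes below
                        // cannot resolve to a file outside CCSUncPath.
                        // NOTE(review): the files are deleted before CommitChanges(). If the
                        // commit fails, the binding survives without its certificate file.

                        // This is where the certificate lives when CCS is used.
                        var path = GetCCSPath(certificate.Hostname);
                        if (File.Exists(path))
                        {
                            File.Delete(path);
                        }

                        // With SNI, one binding is created per valid name in the certificate,
                        // but the SSLCertificate carries only one name, so also try the host
                        // name from the binding itself.
                        if (!string.IsNullOrEmpty(binding.Host))
                        {
                            path = GetCCSPath(binding.Host);
                            if (File.Exists(path))
                            {
                                File.Delete(path);
                            }
                        }
                    }
                }
                else if (!string.IsNullOrEmpty(binding.CertificateStoreName)
                         && binding.CertificateHash != null
                         && binding.CertificateHash.Length > 0)
                {
                    // A binding without a hash has nothing to look up. Skipping it avoids an
                    // ArgumentNullException after the bindings have already been committed.
                    var thumbprint = BitConverter.ToString(binding.CertificateHash).Replace("-", "");
                    var certificateAndStoreName = Tuple.Create(binding.CertificateStoreName, thumbprint);

                    if (!certificatesAndStoreNames.Contains(certificateAndStoreName))
                    {
                        certificatesAndStoreNames.Add(certificateAndStoreName);
                    }
                }

                // Remove the binding from the site.
                site.Bindings.Remove(binding);
            }

            srvman.CommitChanges();

            foreach (var certificateAndStoreName in certificatesAndStoreNames)
            {
                // Delete every certificate in the store that has this thumbprint.
                var store = new X509Store(certificateAndStoreName.Item1, StoreLocation.LocalMachine);
                try
                {
                    store.Open(OpenFlags.MaxAllowed);

                    var certs = store.Certificates.Find(
                        X509FindType.FindByThumbprint, certificateAndStoreName.Item2, false);

                    foreach (var cert in certs)
                    {
                        store.Remove(cert);
                    }
                }
                finally
                {
                    // Close the store handle on failure paths too.
                    store.Close();
                }
            }
        }
    }
    catch (Exception ex)
    {
        // A null website is one way to end up here. Dereferencing it again inside the handler
        // would throw out of the catch block and the caller would never get the failed result.
        var siteName = website != null ? website.Name : "(null)";
        Log.WriteError(String.Format("Unable to delete certificate for website {0}", siteName), ex);
        result.IsSuccess = false;
        result.AddError("", ex);
    }

    return result;
}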