internal static extern int HttpSetServiceConfiguration_Ssl(
[In] IntPtr serviceIntPtr,
[In] HttpServiceConfigId configId,
[In] ref HttpServiceConfigSslSet configInformation,
[In] int configInformationLength,
// this must be IntPtr.Zero
[In] IntPtr pOverlapped);
void UnbindSSL()
{
int retVal = SafeNativeMethods.NoError;
WinsockSockAddr sockAddr = null;
try
{
retVal = SafeNativeMethods.HttpInitialize(HttpWrapper.HttpApiVersion1, SafeNativeMethods.HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
if (SafeNativeMethods.NoError == retVal)
{
IntPtr pOverlapped = IntPtr.Zero;
sockAddr = new WinsockSockAddr(new IPAddress(0), (short)this.port);
HttpServiceConfigSslSet sslConf = new HttpServiceConfigSslSet();
sslConf.KeyDesc.pIpPort = sockAddr.PinnedSockAddr;
sslConf.ParamDesc.DefaultCertCheckMode = 0;
sslConf.ParamDesc.DefaultFlags = SafeNativeMethods.HTTP_SERVICE_CONFIG_SSL_FLAG_NEGOTIATE_CLIENT_CERT;
sslConf.ParamDesc.DefaultRevocationFreshnessTime = 0;
sslConf.ParamDesc.pSslCertStoreName = certificateStore;
byte[] sslHash = this.cert.GetCertHash();
sslConf.ParamDesc.pSslHash = new SafeLocalAllocation(sslHash.Length);
sslConf.ParamDesc.pSslHash.Copy(sslHash, 0, sslHash.Length);
sslConf.ParamDesc.SslHashLength = sslHash.Length;
int configInformationLength = System.Runtime.InteropServices.Marshal.SizeOf(sslConf);
retVal = SafeNativeMethods.HttpDeleteServiceConfiguration_Ssl(IntPtr.Zero,
HttpServiceConfigId.HttpServiceConfigSSLCertInfo,
ref sslConf,
configInformationLength, pOverlapped);
sslConf.ParamDesc.pSslHash.Close();
GC.KeepAlive(sockAddr);
}
}
finally
{
if (sockAddr != null)
{
sockAddr.Dispose();
}
SafeNativeMethods.HttpTerminate(SafeNativeMethods.HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
}
if (retVal != SafeNativeMethods.NoError && retVal != SafeNativeMethods.FileNotFound && retVal != SafeNativeMethods.ErrorInvalidParameter)
{
throw new WsatAdminException(WsatAdminErrorCode.HTTPS_PORT_SSL_CERT_UNBINDING,
SR.GetString(SR.ErrorHttpsPortSSLUnbinding, retVal));
}
}
void BindSSL()
{
int retVal = SafeNativeMethods.NoError;
WinsockSockAddr sockAddr = null;
try
{
retVal = SafeNativeMethods.HttpInitialize(HttpWrapper.HttpApiVersion1, SafeNativeMethods.HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
if (SafeNativeMethods.NoError == retVal)
{
IntPtr pOverlapped = IntPtr.Zero;
sockAddr = new WinsockSockAddr(new IPAddress(0), (short)this.port);
HttpServiceConfigSslSet sslConf = new HttpServiceConfigSslSet();
sslConf.KeyDesc.pIpPort = sockAddr.PinnedSockAddr;
sslConf.ParamDesc.DefaultCertCheckMode = 0;
sslConf.ParamDesc.DefaultFlags = SafeNativeMethods.HTTP_SERVICE_CONFIG_SSL_FLAG_NEGOTIATE_CLIENT_CERT;
sslConf.ParamDesc.DefaultRevocationFreshnessTime = 0;
sslConf.ParamDesc.pSslCertStoreName = certificateStore;
byte[] sslHash = this.cert.GetCertHash();
sslConf.ParamDesc.pSslHash = new SafeLocalAllocation(sslHash.Length);
sslConf.ParamDesc.pSslHash.Copy(sslHash, 0, sslHash.Length);
sslConf.ParamDesc.SslHashLength = sslHash.Length;
int configInformationLength = Marshal.SizeOf(sslConf);
retVal = SafeNativeMethods.HttpSetServiceConfiguration_Ssl(IntPtr.Zero,
HttpServiceConfigId.HttpServiceConfigSSLCertInfo,
ref sslConf,
configInformationLength, pOverlapped);
if (SafeNativeMethods.ErrorAlreadyExists == retVal)
{
retVal = SafeNativeMethods.HttpDeleteServiceConfiguration_Ssl(IntPtr.Zero,
HttpServiceConfigId.HttpServiceConfigSSLCertInfo,
ref sslConf,
configInformationLength,
IntPtr.Zero);
if (SafeNativeMethods.NoError == retVal)
{
retVal = SafeNativeMethods.HttpSetServiceConfiguration_Ssl(IntPtr.Zero,
HttpServiceConfigId.HttpServiceConfigSSLCertInfo,
ref sslConf,
configInformationLength, pOverlapped);
}
}
GC.KeepAlive(sockAddr);
sslConf.ParamDesc.pSslHash.Close();
}
}
finally
{
if (sockAddr != null)
{
sockAddr.Dispose();
}
SafeNativeMethods.HttpTerminate(SafeNativeMethods.HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
}
if (SafeNativeMethods.NoError != retVal)
{
if (SafeNativeMethods.ErrorAlreadyExists == retVal)
{
throw new WsatAdminException(WsatAdminErrorCode.HTTPS_PORT_SSL_CERT_BINDING_ALREADYEXISTS,
SR.GetString(SR.ErrorHttpsPortSSLBindingAlreadyExists));
}
else
{
throw new WsatAdminException(WsatAdminErrorCode.HTTPS_PORT_SSL_CERT_BINDING,
SR.GetString(SR.ErrorHttpsPortSSLBinding, retVal));
}
}
}