/// <summary>
/// Handles a request for a certificate whose CSR is produced server-side via
/// <c>certificateProvider.CreateCsrKeyPair</c>. A caller authorized for the
/// discovered template gets the request signed by the private CA right away;
/// any other caller has the request handed to the pending-certificate workflow.
/// </summary>
/// <param name="model">The certificate request; its <c>RequestDate</c> is overwritten here.</param>
/// <param name="user">The principal the authorization check and the audit entry are made for.</param>
/// <returns>
/// The processed CA response when the caller is authorized, otherwise whatever
/// <c>ProcessNewPendingCertificateWorkflow</c> returns.
/// </returns>
/// <exception cref="AdcsTemplateValidationException">
/// The request does not satisfy the discovered template.
/// </exception>
public CreatePrivateCertificateResult CreateCertificateWithPrivateKey(CreatePrivateCertificateModel model, ClaimsPrincipal user)
{
    // The server stamps the request time; any value supplied by the caller is replaced.
    // NOTE(review): DateTime.Now is local time - confirm that stored/audited timestamps are meant to be local.
    model.RequestDate = DateTime.Now;

    // The template is selected from fields of the request itself (cipher, provider, key usage).
    // NOTE(review): authorization below is evaluated against this template, so the request
    // contents influence which template is checked - confirm DiscoverTemplate is strict.
    KeyUsage requestedUsage = dataTransformation.ParseKeyUsage(model.KeyUsage);
    AdcsTemplate matchedTemplate = templateLogic.DiscoverTemplate(model.CipherAlgorithm, model.Provider, requestedUsage);

    bool requestFitsTemplate = templateLogic.ValidateTemplateWithRequest(model, matchedTemplate);
    if (!requestFitsTemplate)
    {
        throw new AdcsTemplateValidationException("Certificate request does not meet the requirements of the certificate template");
    }

    // Callers who are not authorized for the template are not rejected; the request is queued instead.
    // NOTE(review): Audit is only called on the direct-issue path below - whether the
    // pending workflow records its own audit entry is not visible here; confirm.
    if (!authorizationLogic.IsAuthorized(matchedTemplate, user))
    {
        return ProcessNewPendingCertificateWorkflow(model);
    }

    var requestedSubject = dataTransformation.NewCertificateSubjectFromModel(model);
    CertificateRequest signingRequest = certificateProvider.CreateCsrKeyPair(
        requestedSubject,
        model.CipherAlgorithm,
        model.KeySize,
        model.Provider,
        SigningRequestProtocol.Pkcs10);

    // The CA is looked up by the requested hash algorithm; the key usage sent to the CA
    // is the template's, not the value parsed from the request.
    MicrosoftCertificateAuthority issuingAuthority = configurationRepository.GetPrivateCertificateAuthority(model.HashAlgorithm);
    CertificateAuthorityRequestResponse caResponse = issuingAuthority.Sign(signingRequest, matchedTemplate.Name, matchedTemplate.KeyUsage);

    CreatePrivateCertificateResult issuance = ProcessCertificateAuthorityResponse(model, caResponse, signingRequest.Subject, user);

    // Record the outcome against the requesting principal before returning it.
    this.Audit(issuance, user);
    return issuance;
}