void IInstallationPlugin.Install(IStorePlugin store, CertificateInfo newCertificate, CertificateInfo oldCertificate)
{
if (!(store is CertificateStore))
{
// Unknown/unsupported store
var errorMessage = "This installation plugin cannot be used in combination with the store plugin";
_log.Error(errorMessage);
throw new InvalidOperationException(errorMessage);
}
_iisClient.UpdateFtpSite(_options.SiteId, newCertificate, oldCertificate);
}
Task IInstallationPlugin.Install(IEnumerable <IStorePlugin> stores, CertificateInfo newCertificate, CertificateInfo oldCertificate)
{
if (!stores.Any(x => x is CertificateStore))
{
// Unknown/unsupported store
var errorMessage = "This installation plugin cannot be used in combination with the store plugin";
_log.Error(errorMessage);
throw new InvalidOperationException(errorMessage);
}
_iisClient.UpdateFtpSite(_options.SiteId, newCertificate, oldCertificate);
return(Task.CompletedTask);
}
void IInstallationPlugin.Install(CertificateInfo newCertificate, CertificateInfo oldCertificate)
{
_iisClient.UpdateFtpSite(_options.SiteId, newCertificate, oldCertificate);
}
Task <bool> IInstallationPlugin.Install(
Target source,
IEnumerable <IStorePlugin> stores,
CertificateInfo newCertificate,
CertificateInfo?oldCertificate)
{
// Store validation
var centralSslForHttp = false;
var centralSsl = stores.FirstOrDefault(x => x is CentralSsl);
var certificateStore = stores.FirstOrDefault(x => x is CertificateStore);
if (centralSsl == null && certificateStore == null)
{
// No supported store
var errorMessage = "The IIS installation plugin requires the CertificateStore and/or CentralSsl store plugin";
_log.Error(errorMessage);
throw new InvalidOperationException(errorMessage);
}
// Determine site types
foreach (var part in source.Parts)
{
part.SiteId ??= _options.SiteId;
part.SiteType ??= _iisClient.GetSite(part.SiteId !.Value).Type;
}
if (centralSsl != null)
{
centralSslForHttp = true;
var supported = true;
var reason = "";
if (_iisClient.Version.Major < 8)
{
reason = "CentralSsl store requires IIS version 8.0 or higher";
supported = false;
centralSslForHttp = false;
}
if (source.Parts.Any(p => p.SiteType == IISSiteType.Ftp))
{
reason = "CentralSsl store is not supported for FTP sites";
supported = false;
}
if (!supported && certificateStore == null)
{
// Only throw error if there is no fallback
// available to the CertificateStore plugin.
_log.Error(reason);
throw new InvalidOperationException(reason);
}
}
foreach (var part in source.Parts)
{
var httpIdentifiers = part.Identifiers.OfType <DnsIdentifier>();
var bindingOptions = new BindingOptions();
// Pick between CentralSsl and CertificateStore
bindingOptions = centralSslForHttp
? bindingOptions.
WithFlags(SSLFlags.CentralSsl)
: bindingOptions.
WithThumbprint(newCertificate.Certificate.GetCertHash()).
WithStore(newCertificate.StoreInfo[typeof(CertificateStore)].Path);
switch (part.SiteType)
{
case IISSiteType.Web:
// Optionaly overrule the standard IP for new bindings
if (!string.IsNullOrEmpty(_options.NewBindingIp))
{
bindingOptions = bindingOptions.
WithIP(_options.NewBindingIp);
}
// Optionaly overrule the standard port for new bindings
if (_options.NewBindingPort > 0)
{
bindingOptions = bindingOptions.
WithPort(_options.NewBindingPort.Value);
}
bindingOptions = bindingOptions.WithSiteId(part.SiteId !.Value);
_iisClient.UpdateHttpSite(httpIdentifiers, bindingOptions, oldCertificate?.Certificate.GetCertHash(), newCertificate.SanNames);
if (certificateStore != null)
{
_iisClient.UpdateFtpSite(0, newCertificate, oldCertificate);
}
break;
case IISSiteType.Ftp:
// Update FTP site
_iisClient.UpdateFtpSite(part.SiteId !.Value, newCertificate, oldCertificate);
_iisClient.UpdateHttpSite(httpIdentifiers, bindingOptions, oldCertificate?.Certificate.GetCertHash(), newCertificate.SanNames);
break;
default:
_log.Error("Unknown site type");
break;
}
}
return(Task.FromResult(true));
}
