void m_initialize2(String uri, PolicyAuthenticationEnum authentication, Int32 priority, Boolean renewalOnly)
{
Uri = new Uri(uri);
Priority = priority;
Authentication = authentication;
RenewalOnly = renewalOnly;
}
//internal String dn;
/// <param name="uri">Certificate Enrollment Web Services (CES) URL.
/// </param>
/// <param name="authentication">Specifies the authentication type supported by the URL.</param>
/// <param name="priority">Specifies a priority for the URL. The lower number means higher priority.</param>
/// <param name="renewalOnly">Specifies whether a service supports only renewal operations
/// (do not support initial certificate enrollment).</param>
/// <exception cref="ArgumentNullException">The string in the <strong>uri</strong> parameter is null or empty.</exception>
public CESUri(String uri, PolicyAuthenticationEnum authentication, Int32 priority, Boolean renewalOnly)
{
if (String.IsNullOrEmpty(uri))
{
throw new ArgumentNullException("uri");
}
m_initialize2(uri, authentication, priority, renewalOnly);
}
/// <param name="url">Specifies the certificate enrollment policy server endpoint URL.</param>
/// <param name="userContext">Specifies whether the policy is intended for user or computer context.</param>
/// <param name="authentication">Specifies the authentication type used for the policy server.</param>
/// <param name="userName">
/// Specifies the user name to authenticate in enrollment policy server.
/// <para>If the authentication type is set to <strong>ClientCertificate</strong>, this parameter must contains
/// authentication certificate's thumbprint.</para>
/// <para>This parameter must be omitted when <strong>Kerberos</strong> authentication is used.</para>
/// </param>
/// <param name="password">
/// Specifies the password to authenticate in enrollment policy server.
/// <para>This parameter must be used only when <strong>UserNameAndPassword</strong> authentication
/// method is used. This parameter must be omitted in all other authentication methods.</para>
/// </param>
/// <exception cref="ArgumentNullException">The <strong>url</strong> parameter is null.</exception>
/// <exception cref="NotSupportedException">The operating system do not support certificate enrollment policy servers.</exception>
public PolicyServerClient(String url, Boolean userContext, PolicyAuthenticationEnum authentication, String userName, SecureString password)
{
if (!CryptographyUtils.TestCepCompat())
{
throw new NotSupportedException();
}
if (String.IsNullOrEmpty(url))
{
throw new ArgumentNullException(nameof(url));
}
registered = false;
uName = userName;
uPassword = password;
m_initialize2(url, userContext, authentication, false);
}
void m_initialize2(String url, Boolean userContext, PolicyAuthenticationEnum auth, Boolean Private)
{
policy = new CX509EnrollmentPolicyWebService();
try {
if (!Private)
{
switch (auth)
{
case PolicyAuthenticationEnum.UserNameAndPassword:
policy.SetCredential(0, (X509EnrollmentAuthFlags)auth, uName, Marshal.PtrToStringAuto(Marshal.SecureStringToBSTR(uPassword)));
break;
case PolicyAuthenticationEnum.ClientCertificate:
policy.SetCredential(0, (X509EnrollmentAuthFlags)auth, uName, null);
break;
}
}
X509CertificateEnrollmentContext context = userContext
? X509CertificateEnrollmentContext.ContextUser
: X509CertificateEnrollmentContext.ContextMachine;
policy.Initialize(url, null, (X509EnrollmentAuthFlags)auth, false, context);
try {
policy.LoadPolicy(X509EnrollmentPolicyLoadOption.LoadOptionDefault);
} catch { }
try {
Name = policy.GetFriendlyName();
} catch { }
PolicyId = policy.GetPolicyServerId();
URL = new Uri(url);
Authentication = auth;
FilePath = policy.GetCachePath();
UserContext = userContext;
} catch (Exception e) {
throw Error.ComExceptionHandler(e);
} finally {
CryptographyUtils.ReleaseCom(policy);
}
}
