public void GetAddedCnsAndIssuersTest() { Dictionary <string, string> currentList = new Dictionary <string, string>() { { "cn1", "tp1,tp2" }, { "cn2", null }, { "cn3", "tp3" }, { "cn4", null } }; Dictionary <string, string> newList = new Dictionary <string, string>() { { "cn1", "tp2,tp4" }, { "cn2", null }, { "cn4", "tp5" }, { "cn5", null }, }; ServerCertificateCommonNames currentCns = ConstructCertCommonNames(currentList); ServerCertificateCommonNames newCns = ConstructCertCommonNames(newList); Dictionary <string, string> actualResult = CertificateClusterUpgradeFlow.GetAddedCnsAndIssuers(currentCns, newCns); Dictionary <string, string> expectedResult = new Dictionary <string, string>() { { "cn1", "tp4" }, { "cn4", "tp5" }, { "cn5", null }, }; Assert.AreEqual(expectedResult.Count, actualResult.Count); Assert.IsTrue(actualResult.All(p => p.Value == expectedResult[p.Key])); }
internal void VerifyFlow_ReplaceCn(ServerCertificateCommonNames currentCert, ServerCertificateCommonNames targetCert, List <CertificateClusterUpgradeStep> steps) { Assert.AreEqual(3, steps.Count); CertificateClusterUpgradeStep step = steps[0]; Assert.AreEqual(2, step.CommonNameWhiteList.Count); Assert.IsTrue(step.CommonNameWhiteList.Keys.Contains(currentCert.CommonNames[0].CertificateCommonName) && step.CommonNameWhiteList.Keys.Contains(targetCert.CommonNames[0].CertificateCommonName)); Assert.IsFalse(step.CommonNameWhiteList.Values.Any(p => string.IsNullOrWhiteSpace(p))); Assert.IsTrue(step.CommonNameWhiteList.Values.Contains(currentCert.CommonNames[0].CertificateIssuerThumbprint) && step.CommonNameWhiteList.Values.Contains(targetCert.CommonNames[0].CertificateIssuerThumbprint)); Assert.AreEqual(currentCert.CommonNames[0].CertificateCommonName, step.CommonNameLoadList.CommonNames[0].CertificateCommonName); Assert.AreEqual(1, step.CommonNameLoadList.CommonNames.Count); Assert.AreEqual(currentCert.CommonNames[0].CertificateCommonName, step.CommonNameFileStoreSvcList.CommonNames[0].CertificateCommonName); Assert.AreEqual(1, step.CommonNameFileStoreSvcList.CommonNames.Count); step = steps[1]; Assert.AreEqual(2, step.CommonNameWhiteList.Count); Assert.IsTrue(step.CommonNameWhiteList.Keys.Contains(currentCert.CommonNames[0].CertificateCommonName) && step.CommonNameWhiteList.Keys.Contains(targetCert.CommonNames[0].CertificateCommonName)); Assert.IsFalse(step.CommonNameWhiteList.Values.Any(p => string.IsNullOrWhiteSpace(p))); Assert.IsTrue(step.CommonNameWhiteList.Values.Contains(currentCert.CommonNames[0].CertificateIssuerThumbprint) && step.CommonNameWhiteList.Values.Contains(targetCert.CommonNames[0].CertificateIssuerThumbprint)); Assert.AreEqual(targetCert.CommonNames[0].CertificateCommonName, step.CommonNameLoadList.CommonNames[0].CertificateCommonName); Assert.AreEqual(1, step.CommonNameLoadList.CommonNames.Count); Assert.AreEqual(currentCert.CommonNames[0].CertificateCommonName, step.CommonNameFileStoreSvcList.CommonNames[0].CertificateCommonName); Assert.AreEqual(targetCert.CommonNames[0].CertificateCommonName, step.CommonNameFileStoreSvcList.CommonNames[1].CertificateCommonName); step = steps[2]; Assert.AreEqual(1, step.CommonNameWhiteList.Count); Assert.AreEqual(targetCert.CommonNames[0].CertificateCommonName, step.CommonNameWhiteList.First().Key); Assert.IsFalse(step.CommonNameWhiteList.Values.Any(p => string.IsNullOrWhiteSpace(p))); Assert.IsTrue(step.CommonNameWhiteList.Values.Contains(targetCert.CommonNames[0].CertificateIssuerThumbprint)); Assert.AreEqual(targetCert.CommonNames[0].CertificateCommonName, step.CommonNameLoadList.CommonNames[0].CertificateCommonName); Assert.AreEqual(1, step.CommonNameLoadList.CommonNames.Count); Assert.AreEqual(targetCert.CommonNames[0].CertificateCommonName, step.CommonNameFileStoreSvcList.CommonNames[0].CertificateCommonName); Assert.AreEqual(1, step.CommonNameFileStoreSvcList.CommonNames.Count); }
internal override void FromInternal(X509 certificateInformation) { base.FromInternal(certificateInformation); this.ClusterCertificateCommonNames = certificateInformation.ClusterCertificateCommonNames; this.ServerCertificateCommonNames = certificateInformation.ServerCertificateCommonNames; this.ReverseProxyCertificateCommonNames = certificateInformation.ReverseProxyCertificateCommonNames; }
private ServerCertificateCommonNames ConstructServerCns(string[] cns, string[] issuerThumbprints) { ServerCertificateCommonNames result = new ServerCertificateCommonNames() { CommonNames = new List <CertificateCommonNameBase>() }; result.CommonNames = new List <CertificateCommonNameBase>(); int cnsLength = cns != null ? cns.Length : 0; int itLength = issuerThumbprints != null ? issuerThumbprints.Length : 0; for (int i = 0; i < Math.Max(cnsLength, itLength); i++) { CertificateCommonNameBase element = new CertificateCommonNameBase(); if (i < cnsLength) { element.CertificateCommonName = cns[i]; } if (i < itLength) { element.CertificateIssuerThumbprint = issuerThumbprints[i]; } result.CommonNames.Add(element); } return(result); }
internal void InternalValidateClusterCertificateIssuerThumbprintUpdateTest(string originalCns, string originalIssuerThumbprints, string updatedCns, string updatedIssuerThumbprints, ClusterManagementErrorCode?expectedErrorCode = null) { Utility.ValidateExpectedValidationException( delegate { ServerCertificateCommonNames original = ConstructServerCns(originalCns, originalIssuerThumbprints); ServerCertificateCommonNames updated = ConstructServerCns(updatedCns, updatedIssuerThumbprints); StandaloneSettingsValidator.ValidateClusterCertificateIssuerThumbprintUpdate( original, updated, new StandAloneTraceLogger("StandAloneDeploymentManager")); }, expectedErrorCode); }
internal ServerCertificateCommonNames ConstructServerCns(string cns, string issuerThumbprints) { string[] cnList = cns.Split(';'); string[] thumbprintList = issuerThumbprints != null?issuerThumbprints.Split(';') : null; ServerCertificateCommonNames result = new ServerCertificateCommonNames() { CommonNames = new List <CertificateCommonNameBase>() }; for (int i = 0; i < cnList.Length; i++) { result.CommonNames.Add(new CertificateCommonNameBase() { CertificateCommonName = cnList[i], CertificateIssuerThumbprint = thumbprintList != null ? thumbprintList[i] : null, }); } return(result); }
protected override List <SettingsTypeSection> OnGenerateFabricSettings( Security security, CertificateDescription thumbprintFileStoreCert, List <string> thumbprintClusterCertList, ServerCertificateCommonNames commonNameFileStoreCert, Dictionary <string, string> commonNameClusterCertList, int currentClusterSize = -1) { var result = new List <SettingsTypeSection>(); // GenerateSecuritySection always returns a non-null value var securitySections = this.GenerateSecuritySection(security, thumbprintClusterCertList, commonNameClusterCertList); result.AddRange(securitySections); var runAsSection = this.GenerateRunAsSection(security); if (runAsSection != null) { result.Add(runAsSection); } var httpApplicationGatewaySection = this.GenerateHttpApplicationGatewaySection(); if (httpApplicationGatewaySection != null) { result.Add(httpApplicationGatewaySection); } if (security == null || security.WindowsIdentities == null || security.WindowsIdentities.ClustergMSAIdentity == null) { var fileStoreSection = this.GenerateFileStoreServiceSection( thumbprintFileStoreCert, commonNameFileStoreCert, this.currentPrimaryAccountNtlmPassword, this.currentSecondaryAccountNtlmPassword, this.currentCommonNameNtlmPassword); if (fileStoreSection != null) { result.Add(fileStoreSection); } } var failoverManagerSection = currentClusterSize == -1 ? this.GenerateFailoverManagerSection() : this.GenerateFailoverManagerSection(currentClusterSize); result.Add(failoverManagerSection); if (this.TargetCsmConfig.DiagnosticsStoreInformation != null) { var dcaSections = this.GenerateDcaSections(); if (dcaSections != null) { result.AddRange(dcaSections); } } result.AddRange(this.GenerateClusterManagerSection()); var upgradeOrchestrationServiceSection = this.GenerateUpgradeOrchestrationServiceSection(); result.Add(upgradeOrchestrationServiceSection); result.AddRange(this.GenerateCommonSection()); result.AddRange(StandAloneFabricSettingsGenerator.GenerateSecretStoreSections(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateRepairManagerSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateDnsServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateBackupRestoreServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateResourceMonitorServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateSFVolumeDiskServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateEventStoreServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateGatewayResourceManagerSection(this.TargetCsmConfig)); return(result); }
protected override List <SettingsTypeSection> OnGenerateFabricSettings(Security security, CertificateDescription thumbprintFileStoreCert, List <string> thumbprintClusterCertList, ServerCertificateCommonNames commonNameFileStoreCert, Dictionary <string, string> commonNameClusterCertList, int currentClusterSize) { return(new List <SettingsTypeSection>()); }
internal void InternalValidateClusterCertificateInstallationTest(string[] findValues, string[] issuerThumbprints, string certType, ClusterManagementErrorCode?expectedErrorCode) { if (issuerThumbprints == null) { IEnumerable <CertificateDescription> certs = findValues.Select(p => new CertificateDescription() { Thumbprint = p }); foreach (CertificateDescription cert in certs) { var x509Cert = new X509(); switch (certType) { case "Cluster": x509Cert.ClusterCertificate = cert; break; case "Server": x509Cert.ServerCertificate = cert; break; case "ReverseProxy": x509Cert.ReverseProxyCertificate = cert; break; } Utility.ValidateExpectedValidationException( delegate { StandaloneSettingsValidator.ValidateCertificateInstallation( x509Cert, new string[] { "localhost" }, new StandAloneTraceLogger("StandAloneDeploymentManager")); }, expectedErrorCode); } } else { List <ServerCertificateCommonNames> certs = new List <ServerCertificateCommonNames>(); for (int i = 0; i < findValues.Count(); i++) { ServerCertificateCommonNames cert = new ServerCertificateCommonNames() { CommonNames = new List <CertificateCommonNameBase>() }; cert.CommonNames.Add(new CertificateCommonNameBase() { CertificateCommonName = findValues[i], CertificateIssuerThumbprint = issuerThumbprints[i] }); certs.Add(cert); } foreach (ServerCertificateCommonNames cert in certs) { var x509Cert = new X509(); switch (certType) { case "Cluster": x509Cert.ClusterCertificateCommonNames = cert; break; case "Server": x509Cert.ServerCertificateCommonNames = cert; break; case "ReverseProxy": x509Cert.ReverseProxyCertificateCommonNames = cert; break; } Utility.ValidateExpectedValidationException( delegate { StandaloneSettingsValidator.ValidateCertificateInstallation( x509Cert, new string[] { "localhost" }, new StandAloneTraceLogger("StandAloneDeploymentManager")); }, expectedErrorCode); } } }