public async Task ShouldFailWhenNewAuthorizationWithoutAccount() { using (var client = new AcmeClient(WellKnownServers.LetsEncryptStaging)) { await Assert.ThrowsAsync <InvalidOperationException>( () => client.NewAuthorization(new AuthorizationIdentifier())); } }
public async Task CanHandlerxistingAuthorization() { var accountKey = await Helper.LoadkeyV1(); var authzUri = new Uri("http://example.com/new-authz"); var authzLoc = new Uri("http://example.com/authz/111"); var mock = MockHttp(async req => { if (req.Method == HttpMethod.Post && req.RequestUri == authzUri) { var payload = await ParsePayload <AuthorizationEntity>(req); return(CreateResponse(null, HttpStatusCode.SeeOther, authzLoc)); } if (req.Method == HttpMethod.Get && req.RequestUri == authzLoc) { return(CreateResponse(new AuthorizationEntity { Identifier = new AuthorizationIdentifier { Type = AuthorizationIdentifierTypes.Dns, Value = "www.example.com", }, Status = EntityStatus.Pending, }, HttpStatusCode.OK, authzLoc)); } return(null); }); using (var http = new HttpClient(mock.Object)) using (var handler = new AcmeHttpHandler(server, http)) { using (var client = new AcmeClient(handler)) { client.Use(accountKey.Export()); var authz = await client.NewAuthorization(new AuthorizationIdentifier { Type = AuthorizationIdentifierTypes.Dns, Value = "www.example.com" }); Assert.NotNull(authz); Assert.Equal(authzLoc, authz.Location); } mock.As <IDisposable>().Verify(x => x.Dispose(), Times.Never()); } }
public async Task CanIssueSan() { var accountKey = await Helper.LoadkeyV1(); var csr = new CertificationRequestBuilder(); csr.AddName("C=CA, ST=Ontario, L=Toronto, O=Certes, OU=Dev, CN=www.certes-ci.dymetis.com"); csr.SubjectAlternativeNames.Add("mail.certes-ci.dymetis.com"); csr.SubjectAlternativeNames.Add("sso.certes-ci.dymetis.com"); var dirUri = await IntegrationHelper.GetAcmeUriV1(); using (var client = new AcmeClient(IntegrationHelper.GetAcmeHttpHandler(dirUri))) { client.Use(accountKey.Export()); await AuthorizeDns(client, "www.certes-ci.dymetis.com"); await AuthorizeDns(client, "mail.certes-ci.dymetis.com"); await AuthorizeDns(client, "sso.certes-ci.dymetis.com"); // should returns the valid ID var authz = await client.NewAuthorization(new AuthorizationIdentifier { Type = AuthorizationIdentifierTypes.Dns, Value = "www.certes-ci.dymetis.com", }); Assert.Equal(EntityStatus.Valid, authz.Data.Status); var authzByLoc = await client.GetAuthorization(authz.Location); Assert.Equal(authz.Data.Identifier.Value, authzByLoc.Data.Identifier.Value); var cert = await client.NewCertificate(csr); var pfx = cert.ToPfx(); pfx.AddTestCert(); pfx.Build("my.pfx", "abcd1234"); await client.RevokeCertificate(cert); } }
private static async Task AuthorizeDns(AcmeClient client, string name) { var authz = await client.NewAuthorization(new AuthorizationIdentifier { Type = AuthorizationIdentifierTypes.Dns, Value = name }); var httpChallengeInfo = authz.Data.Challenges .Where(c => c.Type == ChallengeTypes.Http01).First(); var httpChallenge = await client.CompleteChallenge(httpChallengeInfo); while (authz.Data.Status == EntityStatus.Pending) { // Wait for ACME server to validate the identifier await Task.Delay(1000); authz = await client.GetAuthorization(httpChallenge.Location); } }