/// <summary>
/// Translates the store settings of a legacy renewal into store plugin
/// options on the new renewal.
/// </summary>
/// <param name="legacy">Legacy renewal whose store settings are read.</param>
/// <param name="ret">Renewal that receives the store plugin options.</param>
public void ConvertStore(LegacyScheduledRenewal legacy, Renewal ret)
{
    var keepExisting = legacy.KeepExisting == true;

    // Primary store: Central SSL when a path was configured, otherwise the
    // Windows certificate store named in the legacy renewal.
    if (string.IsNullOrEmpty(legacy.CentralSslStore))
    {
        var certificateStore = new store.CertificateStoreOptions()
        {
            StoreName = legacy.CertificateStore,
            KeepExisting = keepExisting
        };
        ret.StorePluginOptions.Add(certificateStore);
    }
    else
    {
        var centralSsl = new store.CentralSslOptions()
        {
            Path = legacy.CentralSslStore,
            KeepExisting = keepExisting
        };
        ret.StorePluginOptions.Add(centralSsl);
    }

    // Every imported renewal additionally gets a PEM and a PFX store that
    // both point at the configured cache path.
    // NOTE(review): if these stores write private-key material, confirm that
    // the cache directory's ACLs are restricted accordingly.
    var cachePath = _settings.Cache.Path;
    ret.StorePluginOptions.Add(new store.PemFilesOptions() { Path = cachePath });
    ret.StorePluginOptions.Add(new store.PfxFileOptions() { Path = cachePath });
}
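/// <summary>
/// Translates the installation plugins of a legacy renewal into
/// installation plugin options on the new renewal.
/// </summary>
/// <remarks>
/// When the legacy renewal lists no installation plugins, the list is
/// derived (and written back to <paramref name="legacy"/>) from the target
/// plugin name and from the presence of a script or script parameters.
/// Names that match none of the known plugins are skipped without an error.
/// </remarks>
/// <param name="legacy">Legacy renewal; its plugin list may be filled in.</param>
/// <param name="ret">Renewal that receives the installation options.</param>
public void ConvertInstallation(LegacyScheduledRenewal legacy, Renewal ret)
{
    if (legacy.InstallationPluginNames == null)
    {
        legacy.InstallationPluginNames = new List<string>();

        // Based on chosen target
        if (legacy.Binding.TargetPluginName == "IISSite" ||
            legacy.Binding.TargetPluginName == "IISSites" ||
            legacy.Binding.TargetPluginName == "IISBinding")
        {
            legacy.InstallationPluginNames.Add("IIS");
        }

        // Based on command line
        if (!string.IsNullOrEmpty(legacy.Script) ||
            !string.IsNullOrEmpty(legacy.ScriptParameters))
        {
            legacy.InstallationPluginNames.Add("Manual");
        }

        // Cannot find anything, then it's no installation steps
        if (legacy.InstallationPluginNames.Count == 0)
        {
            legacy.InstallationPluginNames.Add("None");
        }
    }

    foreach (var legacyName in legacy.InstallationPluginNames)
    {
        // Invariant lower-casing: ToLower() follows the current culture, and
        // under cultures such as tr-TR "IIS" lower-cases to a dotless-i form
        // that matches no case label, silently dropping the installation step.
        switch (legacyName.ToLowerInvariant())
        {
            case "iis":
                ret.InstallationPluginOptions.Add(new install.IISWebOptions()
                {
                    SiteId = legacy.Binding.InstallationSiteId,
                    NewBindingIp = legacy.Binding.SSLIPAddress,
                    NewBindingPort = legacy.Binding.SSLPort
                });
                break;
            case "iisftp":
                // NOTE(review): .Value presumably throws when the legacy
                // renewal carries no FTP site id - confirm that is intended.
                ret.InstallationPluginOptions.Add(new install.IISFtpOptions()
                {
                    SiteId = legacy.Binding.FtpSiteId.Value
                });
                break;
            case "manual":
                // The script path and its parameters are copied verbatim from
                // the legacy renewal.
                // NOTE(review): presumably the script installation step later
                // runs them, so the legacy renewal file has to be trusted
                // input - confirm.
                ret.InstallationPluginOptions.Add(new install.ScriptOptions()
                {
                    Script = legacy.Script,
                    ScriptParameters = legacy.ScriptParameters
                });
                break;
            case "none":
                ret.InstallationPluginOptions.Add(new NullInstallationOptions());
                break;
        }
    }
}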
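/// <summary>
/// Translates the target settings of a legacy renewal into target plugin
/// options on the new renewal.
/// </summary>
/// <remarks>
/// When the legacy binding has no target plugin name, one is derived from
/// its plugin name and written back to the binding. If the plugin name is
/// none of "IIS", "IISSiteServer" or "Manual", the target plugin name stays
/// unset: a null name makes the lower-casing call below throw, and an empty
/// name matches no case so no target options are assigned.
/// </remarks>
/// <param name="legacy">Legacy renewal; its binding may be updated.</param>
/// <param name="ret">Renewal that receives the target options.</param>
public void ConvertTarget(LegacyScheduledRenewal legacy, Renewal ret)
{
    if (string.IsNullOrEmpty(legacy.Binding.TargetPluginName))
    {
        switch (legacy.Binding.PluginName)
        {
            case "IIS":
                legacy.Binding.TargetPluginName = legacy.Binding.HostIsDns == false ? "IISSite" : "IISBinding";
                break;
            case "IISSiteServer":
                legacy.Binding.TargetPluginName = "IISSites";
                break;
            case "Manual":
                legacy.Binding.TargetPluginName = "Manual";
                break;
        }
    }

    // Invariant lower-casing: ToLower() follows the current culture, and under
    // cultures such as tr-TR "IISSite" lower-cases to a dotless-i form that
    // matches no case label, leaving the renewal without target options.
    switch (legacy.Binding.TargetPluginName.ToLowerInvariant())
    {
        case "iissite":
            ret.TargetPluginOptions = new target.IISSiteOptions()
            {
                CommonName = string.IsNullOrEmpty(legacy.Binding.CommonName) ? null : legacy.Binding.CommonName,
                ExcludeBindings = legacy.Binding.ExcludeBindings.ParseCsv(),
                SiteId = legacy.Binding.TargetSiteId ?? legacy.Binding.SiteId ?? 0
            };
            break;
        case "iissites":
            // For this target the legacy Host field holds a CSV list of site ids.
            ret.TargetPluginOptions = new target.IISSitesOptions()
            {
                CommonName = string.IsNullOrEmpty(legacy.Binding.CommonName) ? null : legacy.Binding.CommonName,
                ExcludeBindings = legacy.Binding.ExcludeBindings.ParseCsv(),
                SiteIds = legacy.Binding.Host.ParseCsv().Select(x => long.Parse(x)).ToList()
            };
            break;
        case "manual":
            ret.TargetPluginOptions = new target.ManualOptions()
            {
                CommonName = string.IsNullOrEmpty(legacy.Binding.CommonName) ? legacy.Binding.Host : legacy.Binding.CommonName,
                AlternativeNames = legacy.Binding.AlternativeNames
            };
            break;
        case "iisbinding":
            // NOTE(review): unlike "iissite" there is no "?? 0" fallback here,
            // so the cast presumably throws when neither site id is set.
            ret.TargetPluginOptions = new target.IISBindingOptions()
            {
                Host = legacy.Binding.Host,
                SiteId = (long)(legacy.Binding.TargetSiteId ?? legacy.Binding.SiteId)
            };
            break;
    }
}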
/// <summary>
/// Builds a new <c>Renewal</c> from a legacy scheduled renewal by running
/// the target, validation, store and installation conversions in turn.
/// </summary>
/// <param name="legacy">Legacy renewal to import.</param>
/// <returns>The converted renewal, with a single "Imported" history entry.</returns>
public Renewal Convert(LegacyScheduledRenewal legacy)
{
    // History is deliberately not carried over, so every imported renewal
    // is due immediately. That is the ultimate test of whether it actually
    // works in the new ACMEv2 environment.
    var renewal = Renewal.Create(null, _passwordGenerator);

    ConvertTarget(legacy, renewal);
    ConvertValidation(legacy, renewal);
    ConvertStore(legacy, renewal);
    ConvertInstallation(legacy, renewal);

    renewal.CsrPluginOptions = new RsaOptions();
    renewal.LastFriendlyName = legacy.Binding.Host;

    var importedMarker = new RenewResult("Imported");
    renewal.History = new List<RenewResult> { importedMarker };
    return renewal;
}
/// <summary>
/// Translates the store settings of a legacy renewal into the single store
/// plugin option of the new renewal.
/// </summary>
/// <param name="legacy">Legacy renewal whose store settings are read.</param>
/// <param name="ret">Renewal whose store plugin options are assigned.</param>
public void ConvertStore(LegacyScheduledRenewal legacy, Renewal ret)
{
    var keepExisting = legacy.KeepExisting == true;

    // No Central SSL path configured: use the Windows certificate store
    // named in the legacy renewal.
    if (string.IsNullOrEmpty(legacy.CentralSslStore))
    {
        ret.StorePluginOptions = new store.CertificateStoreOptions()
        {
            StoreName = legacy.CertificateStore,
            KeepExisting = keepExisting
        };
        return;
    }

    ret.StorePluginOptions = new store.CentralSslOptions()
    {
        Path = legacy.CentralSslStore,
        KeepExisting = keepExisting
    };
}
/// <summary>
/// Builds a new <c>Renewal</c> from a legacy scheduled renewal by running
/// the target, validation, store and installation conversions in turn.
/// </summary>
/// <param name="legacy">Legacy renewal to import.</param>
/// <returns>The converted renewal, with a fresh id and a single "Imported" history entry.</returns>
public Renewal Convert(LegacyScheduledRenewal legacy)
{
    // History is deliberately not carried over, so every imported renewal
    // is due immediately. That is the ultimate test of whether it actually
    // works in the new ACMEv2 environment.
    var renewal = new Renewal();

    ConvertTarget(legacy, renewal);
    ConvertValidation(legacy, renewal);
    ConvertStore(legacy, renewal);
    ConvertInstallation(legacy, renewal);

    renewal.CsrPluginOptions = new RsaOptions();
    renewal.Id = ShortGuid.NewGuid().ToString();
    renewal.FriendlyName = legacy.Binding.Host;

    var importedMarker = new RenewResult("Imported");
    renewal.History = new List<RenewResult> { importedMarker };
    return renewal;
}
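/// <summary>
/// Translates the validation settings of a legacy renewal into validation
/// plugin options on the new renewal.
/// </summary>
/// <remarks>
/// A missing validation plugin name is replaced by "http-01.filesystem"
/// (written back to the legacy binding). Names that match no known plugin
/// also end up as file system validation through the default case.
/// </remarks>
/// <param name="legacy">Legacy renewal; its binding may be updated.</param>
/// <param name="ret">Renewal that receives the validation options.</param>
/// <exception cref="Exception">The legacy renewal has no binding.</exception>
public void ConvertValidation(LegacyScheduledRenewal legacy, Renewal ret)
{
    if (legacy.Binding == null)
    {
        throw new Exception("Cannot convert renewal with empty binding");
    }

    // Configure validation
    if (legacy.Binding.ValidationPluginName == null)
    {
        legacy.Binding.ValidationPluginName = "http-01.filesystem";
    }

    // Invariant lower-casing: ToLower() follows the current culture, and under
    // cultures such as tr-TR an upper-case 'I' lower-cases to a dotless 'i'.
    // A stored name containing one would then miss its case label and be
    // converted to file system validation by the default case without notice.
    switch (legacy.Binding.ValidationPluginName.ToLowerInvariant())
    {
        case "dns-01.script":
        case "dns-01.dnsscript":
            // Script paths come from the legacy renewal; the argument
            // templates are fixed here.
            ret.ValidationPluginOptions = new dns.ScriptOptions()
            {
                CreateScript = legacy.Binding.DnsScriptOptions?.CreateScript,
                CreateScriptArguments = "{Identifier} {RecordName} {Token}",
                DeleteScript = legacy.Binding.DnsScriptOptions?.DeleteScript,
                DeleteScriptArguments = "{Identifier} {RecordName}"
            };
            break;
        case "dns-01.azure":
            // The client secret is wrapped in a ProtectedString; a missing
            // DnsAzureOptions yields null for every field.
            ret.ValidationPluginOptions = new CompatibleAzureOptions()
            {
                ClientId = legacy.Binding.DnsAzureOptions?.ClientId,
                ResourceGroupName = legacy.Binding.DnsAzureOptions?.ResourceGroupName,
                Secret = new ProtectedString(legacy.Binding.DnsAzureOptions?.Secret),
                SubscriptionId = legacy.Binding.DnsAzureOptions?.SubscriptionId,
                TenantId = legacy.Binding.DnsAzureOptions?.TenantId
            };
            break;
        case "http-01.ftp":
            ret.ValidationPluginOptions = new http.FtpOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                Credential = new NetworkCredentialOptions(legacy.Binding.HttpFtpOptions?.UserName, legacy.Binding.HttpFtpOptions?.Password)
            };
            break;
        case "http-01.sftp":
            // SFTP takes its credential from the legacy FTP option fields.
            ret.ValidationPluginOptions = new http.SftpOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                Credential = new NetworkCredentialOptions(legacy.Binding.HttpFtpOptions?.UserName, legacy.Binding.HttpFtpOptions?.Password)
            };
            break;
        case "http-01.webdav":
            var options = new http.WebDavOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath
            };
            // The credential is only set when the legacy renewal has WebDav options.
            if (legacy.Binding.HttpWebDavOptions != null)
            {
                options.Credential = new NetworkCredentialOptions(
                    legacy.Binding.HttpWebDavOptions.UserName,
                    legacy.Binding.HttpWebDavOptions.Password);
            }
            ret.ValidationPluginOptions = options;
            break;
        case "tls-sni-01.iis":
            // The validation method changes on import, so the operator is
            // warned that port 80 must now be reachable.
            _log.Warning("TLS-SNI-01 validation was removed from ACMEv2, changing to SelfHosting. Note that this requires port 80 to be public rather than port 443.");
            ret.ValidationPluginOptions = new http.SelfHostingOptions();
            break;
        case "http-01.iis":
        case "http-01.selfhosting":
            ret.ValidationPluginOptions = new http.SelfHostingOptions()
            {
                Port = legacy.Binding.ValidationPort
            };
            break;
        case "http-01.filesystem":
        default:
            ret.ValidationPluginOptions = new http.FileSystemOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                SiteId = legacy.Binding.ValidationSiteId
            };
            break;
    }
}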
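/// <summary>
/// Translates the target settings of a legacy renewal into target plugin
/// options on the new renewal.
/// </summary>
/// <remarks>
/// When the legacy binding has no target plugin name, one is derived from
/// its plugin name (defaulting to "Manual") and written back to the binding.
/// A target plugin name that matches no case leaves the target options
/// unassigned.
/// </remarks>
/// <param name="legacy">Legacy renewal; its binding may be updated.</param>
/// <param name="ret">Renewal that receives the target options.</param>
/// <exception cref="Exception">The legacy renewal has no binding.</exception>
public void ConvertTarget(LegacyScheduledRenewal legacy, Renewal ret)
{
    if (legacy.Binding == null)
    {
        throw new Exception("Cannot convert renewal with empty binding");
    }

    if (string.IsNullOrEmpty(legacy.Binding.TargetPluginName))
    {
        legacy.Binding.TargetPluginName = legacy.Binding.PluginName switch
        {
            "IIS" => legacy.Binding.HostIsDns == false ? "IISSite" : "IISBinding",
            "IISSiteServer" => "IISSites",
            _ => "Manual",
        };
    }

    // Invariant lower-casing: ToLower() follows the current culture, and under
    // cultures such as tr-TR "IISSite" lower-cases to a dotless-i form that
    // matches no case label, leaving the renewal without target options.
    switch (legacy.Binding.TargetPluginName.ToLowerInvariant())
    {
        case "iisbinding":
            var options = new target.IISOptions();
            if (!string.IsNullOrEmpty(legacy.Binding.Host))
            {
                options.IncludeHosts = new List<string>() { legacy.Binding.Host };
            }
            // A site id of 0 (neither legacy id set) adds no site filter.
            var siteId = legacy.Binding.TargetSiteId ?? legacy.Binding.SiteId ?? 0;
            if (siteId > 0)
            {
                options.IncludeSiteIds = new List<long>() { siteId };
            }
            ret.TargetPluginOptions = options;
            break;
        case "iissite":
            options = new target.IISOptions();
            if (!string.IsNullOrEmpty(legacy.Binding.CommonName))
            {
                options.CommonName = legacy.Binding.CommonName.ConvertPunycode();
            }
            siteId = legacy.Binding.TargetSiteId ?? legacy.Binding.SiteId ?? 0;
            if (siteId > 0)
            {
                options.IncludeSiteIds = new List<long>() { siteId };
            }
            options.ExcludeHosts = legacy.Binding.ExcludeBindings.ParseCsv();
            ret.TargetPluginOptions = options;
            break;
        case "iissites":
            options = new target.IISOptions();
            if (!string.IsNullOrEmpty(legacy.Binding.CommonName))
            {
                options.CommonName = legacy.Binding.CommonName.ConvertPunycode();
            }
            // For this target the legacy Host field holds a CSV list of site ids.
            options.IncludeSiteIds = legacy.Binding.Host.ParseCsv().Select(x => long.Parse(x)).ToList();
            options.ExcludeHosts = legacy.Binding.ExcludeBindings.ParseCsv();
            ret.TargetPluginOptions = options;
            break;
        case "manual":
            // NOTE(review): the Host fallback is not passed through
            // ConvertPunycode() while CommonName is - confirm that is intended.
            ret.TargetPluginOptions = new target.ManualOptions()
            {
                CommonName = string.IsNullOrEmpty(legacy.Binding.CommonName) ? legacy.Binding.Host : legacy.Binding.CommonName.ConvertPunycode(),
                AlternativeNames = legacy.Binding.AlternativeNames.Select(x => x.ConvertPunycode()).ToList()
            };
            break;
    }
}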
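/// <summary>
/// Translates the validation settings of a legacy renewal into validation
/// plugin options on the new renewal.
/// </summary>
/// <remarks>
/// A missing validation plugin name is replaced by "http-01.filesystem"
/// (written back to the legacy binding). Names that match no known plugin
/// also end up as file system validation through the default case. The
/// DNS, FTP and WebDav branches dereference their legacy option objects
/// directly, so a renewal without them throws in those branches.
/// </remarks>
/// <param name="legacy">Legacy renewal; its binding may be updated.</param>
/// <param name="ret">Renewal that receives the validation options.</param>
public void ConvertValidation(LegacyScheduledRenewal legacy, Renewal ret)
{
    // Configure validation
    if (legacy.Binding.ValidationPluginName == null)
    {
        legacy.Binding.ValidationPluginName = "http-01.filesystem";
    }

    // Invariant lower-casing: ToLower() follows the current culture, and under
    // cultures such as tr-TR an upper-case 'I' lower-cases to a dotless 'i'.
    // A stored name containing one would then miss its case label and be
    // converted to file system validation by the default case without notice.
    switch (legacy.Binding.ValidationPluginName.ToLowerInvariant())
    {
        case "dns-01.script":
        case "dns-01.dnsscript":
            ret.ValidationPluginOptions = new dns.ScriptOptions()
            {
                CreateScript = legacy.Binding.DnsScriptOptions.CreateScript,
                DeleteScript = legacy.Binding.DnsScriptOptions.DeleteScript
            };
            break;
        case "dns-01.azure":
            // NOTE(review): the client secret is assigned as it is stored in
            // the legacy renewal; confirm how the target options type
            // protects it at rest.
            ret.ValidationPluginOptions = new CompatibleAzureOptions()
            {
                ClientId = legacy.Binding.DnsAzureOptions.ClientId,
                ResourceGroupName = legacy.Binding.DnsAzureOptions.ResourceGroupName,
                Secret = legacy.Binding.DnsAzureOptions.Secret,
                SubscriptionId = legacy.Binding.DnsAzureOptions.SubscriptionId,
                TenantId = legacy.Binding.DnsAzureOptions.TenantId
            };
            break;
        case "http-01.ftp":
            ret.ValidationPluginOptions = new http.FtpOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                Credential = new NetworkCredentialOptions(legacy.Binding.HttpFtpOptions.UserName, legacy.Binding.HttpFtpOptions.Password)
            };
            break;
        case "http-01.sftp":
            // SFTP takes its credential from the legacy FTP option fields.
            ret.ValidationPluginOptions = new http.SftpOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                Credential = new NetworkCredentialOptions(legacy.Binding.HttpFtpOptions.UserName, legacy.Binding.HttpFtpOptions.Password)
            };
            break;
        case "http-01.webdav":
            ret.ValidationPluginOptions = new http.WebDavOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                Credential = new NetworkCredentialOptions(legacy.Binding.HttpWebDavOptions.UserName, legacy.Binding.HttpWebDavOptions.Password)
            };
            break;
        case "http-01.iis":
        case "http-01.selfhosting":
            ret.ValidationPluginOptions = new http.SelfHostingOptions()
            {
                Port = legacy.Binding.ValidationPort
            };
            break;
        case "http-01.filesystem":
        default:
            ret.ValidationPluginOptions = new http.FileSystemOptions()
            {
                CopyWebConfig = legacy.Binding.IIS == true,
                Path = legacy.Binding.WebRootPath,
                SiteId = legacy.Binding.ValidationSiteId
            };
            break;
    }
}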