internal static void ValidateCertificate(ExchangeCertificate certificate, bool skipAutomatedDeploymentChecks)
{
ExchangeCertificateValidity exchangeCertificateValidity = ManageExchangeCertificate.ValidateExchangeCertificate(certificate, true);
if (exchangeCertificateValidity != ExchangeCertificateValidity.Valid)
{
throw new FederationCertificateInvalidException(Strings.CertificateNotValidForExchange(certificate.Thumbprint, exchangeCertificateValidity.ToString()));
}
if (string.IsNullOrEmpty(certificate.SubjectKeyIdentifier))
{
throw new FederationCertificateInvalidException(Strings.ErrorCertificateNoSKI(certificate.Thumbprint));
}
if (!skipAutomatedDeploymentChecks && !certificate.PrivateKeyExportable)
{
throw new FederationCertificateInvalidException(Strings.ErrorCertificateNotExportable(certificate.Thumbprint));
}
if (!string.Equals(certificate.GetKeyAlgorithm(), WellKnownOid.RsaRsa.Value, StringComparison.OrdinalIgnoreCase))
{
throw new FederationCertificateInvalidException(Strings.ErrorCertificateNotRSA(certificate.Thumbprint));
}
if (TlsCertificateInfo.IsCNGProvider(certificate))
{
throw new FederationCertificateInvalidException(Strings.ErrorCertificateNotCAPI(certificate.Thumbprint));
}
if ((ExDateTime)certificate.NotAfter < ExDateTime.UtcNow && (ExDateTime)certificate.NotBefore > ExDateTime.UtcNow)
{
throw new FederationCertificateInvalidException(Strings.ErrorCertificateHasExpired(certificate.Thumbprint));
}
}
public static void GetObjectPostAction(DataRow inputRow, DataTable table, DataObjectStore store)
{
DataRow dataRow = table.Rows[0];
dataRow["ExDTNotAfter"] = ((ExDateTime)((DateTime)dataRow["NotAfter"])).ToShortDateString();
ExchangeCertificate exchangeCertificate = (ExchangeCertificate)store.GetDataObject("ExchangeCertificate");
if (exchangeCertificate != null)
{
dataRow["SubjectName"] = exchangeCertificate.SubjectName.Name;
}
}
public static void FindValidCertExistingOnEveryServer(DataRow inputRow, DataTable dataTable, DataObjectStore store)
{
DataRow dataRow = dataTable.Rows[0];
List <MailCertificate> list = dataRow["MailCertificateOptions"] as List <MailCertificate>;
IEnumerable <object> enumerable = store.GetDataObject("ExchangeCertificates") as IEnumerable <object>;
if (list == null)
{
list = (dataRow["MailCertificateOptions"] = new List <MailCertificate>());
using (IEnumerator <object> enumerator = enumerable.GetEnumerator())
{
while (enumerator.MoveNext())
{
object obj = enumerator.Current;
ExchangeCertificate exchangeCertificate = (ExchangeCertificate)obj;
if (HybridConfigurationWizardServiceCodeBehind.IsValidCertificate(exchangeCertificate))
{
list.Add(new MailCertificate
{
FriendlyName = exchangeCertificate.FriendlyName,
Thumbprint = exchangeCertificate.Thumbprint,
Issuer = exchangeCertificate.Issuer,
Subject = exchangeCertificate.Subject
});
}
}
return;
}
}
IEnumerable <string> source = from cert in enumerable
where HybridConfigurationWizardServiceCodeBehind.IsValidCertificate((ExchangeCertificate)cert)
select((ExchangeCertificate)cert).Thumbprint;
for (int i = list.Count - 1; i >= 0; i--)
{
if (!source.Contains(list[i].Thumbprint))
{
list.RemoveAt(i);
}
}
}
// Token: 0x0600000B RID: 11 RVA: 0x00002C20 File Offset: 0x00000E20
private void VerifyCertificateExpiration(ExchangeCertificate certificate)
{
if (certificate.NotAfter.CompareTo(DateTime.UtcNow) <= 0)
{
string message = string.Format("Certificate {0} has expired.", certificate.Thumbprint);
Servicelet.Tracer.TraceError((long)this.GetHashCode(), message);
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_CertificateExpired, certificate.Thumbprint, new object[]
{
certificate.Thumbprint
});
return;
}
if (certificate.NotAfter.Subtract(DateTime.UtcNow).CompareTo(Servicelet.CertificateExpirationThreshold) <= 0)
{
string message2 = string.Format("Certificate {0} will expire in less than 15 days.", certificate.Thumbprint);
Servicelet.Tracer.TraceWarning((long)this.GetHashCode(), message2);
this.eventLogger.LogEvent(MSExchangeCertificateDeploymentEventLogConstants.Tuple_CertificateNearingExpiry, certificate.Thumbprint, new object[]
{
certificate.Thumbprint
});
}
}
public static void AddCertificates(DataRow inputRow, DataTable dataTable, DataObjectStore store)
{
List <MailCertificate> list = new List <MailCertificate>();
IEnumerable <object> enumerable = store.GetDataObject("ExchangeCertificates") as IEnumerable <object>;
foreach (object obj in enumerable)
{
ExchangeCertificate exchangeCertificate = (ExchangeCertificate)obj;
if (HybridConfigurationWizardServiceCodeBehind.IsValidCertificate(exchangeCertificate))
{
list.Add(new MailCertificate
{
FriendlyName = exchangeCertificate.FriendlyName,
Thumbprint = exchangeCertificate.Thumbprint,
Subject = exchangeCertificate.Subject,
Issuer = exchangeCertificate.Issuer
});
}
}
DataRow dataRow = dataTable.NewRow();
dataTable.Rows.Add(dataRow);
dataRow["MailCertificateOptions"] = list;
}
internal static FederationTrustCertificateState TestForCertificate(string serverName, string thumbprint, out ExchangeCertificate cert)
{
if (string.IsNullOrEmpty(serverName))
{
throw new ArgumentNullException("serverName");
}
if (string.IsNullOrEmpty(thumbprint))
{
throw new ArgumentNullException("thumbprint");
}
cert = null;
ExchangeCertificateRpc exchangeCertificateRpc = new ExchangeCertificateRpc();
exchangeCertificateRpc.GetByThumbprint = thumbprint;
ExchangeCertificateRpcVersion exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1;
FederationTrustCertificateState federationTrustCertificateState = FederationTrustCertificateState.NotInstalled;
byte[] outputBlob = null;
try
{
byte[] inBlob = exchangeCertificateRpc.SerializeInputParameters(ExchangeCertificateRpcVersion.Version2);
ExchangeCertificateRpcClient2 exchangeCertificateRpcClient = new ExchangeCertificateRpcClient2(serverName);
outputBlob = exchangeCertificateRpcClient.GetCertificate2(0, inBlob);
exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version2;
}
catch (RpcException)
{
exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1;
}
if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1)
{
try
{
byte[] inBlob2 = exchangeCertificateRpc.SerializeInputParameters(exchangeCertificateRpcVersion);
ExchangeCertificateRpcClient exchangeCertificateRpcClient2 = new ExchangeCertificateRpcClient(serverName);
outputBlob = exchangeCertificateRpcClient2.GetCertificate(0, inBlob2);
}
catch (RpcException)
{
federationTrustCertificateState = FederationTrustCertificateState.ServerUnreachable;
}
}
if (federationTrustCertificateState != FederationTrustCertificateState.ServerUnreachable)
{
ExchangeCertificateRpc exchangeCertificateRpc2 = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob);
if (exchangeCertificateRpc2.ReturnCertList != null && exchangeCertificateRpc2.ReturnCertList.Count == 1)
{
federationTrustCertificateState = FederationTrustCertificateState.Installed;
cert = exchangeCertificateRpc2.ReturnCertList[0];
}
}
return(federationTrustCertificateState);
}
public Certificate(ExchangeCertificate certificate)
{
this.certificate = certificate;
}
private static bool IsValidCertificate(ExchangeCertificate cert)
{
return(!cert.IsSelfSigned && cert.Status == CertificateStatus.Valid);
}
