public static DnsManagementClient GetDnsManagementClient(IAzureDnsEnvironment model)
{
AuthenticationResult token = GetToken(model);
var creds = new TokenCredentials(token.AccessToken);
var dnsClient = new DnsManagementClient(model.ManagementEndpoint, creds);
dnsClient.SubscriptionId = model.SubscriptionId.ToString();
return(dnsClient);
}
private static LetsencryptService GetDnsRenewalService(RenewalParameters renewalParams, IAzureDnsEnvironment azureDnsEnvironment, AzureWebAppEnvironment webAppEnvironment)
{
return(new LetsencryptService(
new AcmeClient(
new AzureDnsProvider(
new AzureDnsSettings(
azureDnsEnvironment.ResourceGroupName,
azureDnsEnvironment.ZoneName,
GetAzureServicePrincipal(azureDnsEnvironment),
GetAzureSubscription(azureDnsEnvironment),
azureDnsEnvironment.RelativeRecordSetName)),
new DnsLookupService(new Logger <DnsLookupService>(s_loggerFactory)),
new NullCertificateStore(),
new Logger <AcmeClient>(s_loggerFactory)),
new NullCertificateStore(),
new AzureWebAppService(
new[]
{
new AzureWebAppSettings(
webAppEnvironment.WebAppName,
webAppEnvironment.ResourceGroupName,
GetAzureServicePrincipal(webAppEnvironment),
GetAzureSubscription(webAppEnvironment),
webAppEnvironment.SiteSlotName,
webAppEnvironment.ServicePlanResourceGroupName,
renewalParams.UseIpBasedSsl),
},
new Logger <AzureWebAppService>(s_loggerFactory)),
new Logger <LetsencryptService>(s_loggerFactory)));
}
/// <summary>
/// Request a certificate from lets encrypt using the DNS challenge, placing the challenge record in Azure DNS.
/// The certifiacte is not assigned, but just returned.
/// </summary>
/// <param name="azureDnsEnvironment"></param>
/// <param name="acmeConfig"></param>
/// <returns></returns>
public static async Task <CertificateInstallModel> RequestDnsChallengeCertificate(IAzureDnsEnvironment azureDnsEnvironment, IAcmeConfig acmeConfig)
{
return(await new CertificateManager(null, acmeConfig, null, new AzureDnsAuthorizationChallengeProvider(azureDnsEnvironment)).RequestInternalAsync(acmeConfig));
}
/// <summary>
/// Returns a <see cref="CertificateManager"/> configured to use DNS Challenge, placing the challenge record in Azure DNS,
/// and assigning the obtained certificate directly to the web app service.
/// </summary>
/// <param name="settings"></param>
/// <param name="acmeConfig"></param>
/// <param name="certSettings"></param>
/// <param name="dnsEnvironment"></param>
/// <returns></returns>
public static CertificateManager CreateAzureDnsWebAppCertificateManager(IAzureWebAppEnvironment settings, IAcmeConfig acmeConfig, IWebAppCertificateSettings certSettings, IAzureDnsEnvironment dnsEnvironment)
{
return(new CertificateManager(settings, acmeConfig, new WebAppCertificateService(settings, certSettings), new AzureDnsAuthorizationChallengeProvider(dnsEnvironment)));
}
public AzureDnsAuthorizationChallengeProvider(IAzureDnsEnvironment azureDnsSettings)
{
this.dnsClient = ArmHelper.GetDnsManagementClient(azureDnsSettings);
this.environment = azureDnsSettings;
}
public AzureDnsAuthorizationChallengeProvider(IAzureDnsEnvironment azureDnsSettings)
{
this.environment = azureDnsSettings;
}
