public CreatePrivateCertificateResult CreateCertificateWithPrivateKey(CreatePrivateCertificateModel model, ClaimsPrincipal user)
{
model.RequestDate = DateTime.Now;
KeyUsage keyUsage = dataTransformation.ParseKeyUsage(model.KeyUsage);
AdcsTemplate template = templateLogic.DiscoverTemplate(model.CipherAlgorithm, model.Provider, keyUsage);
if (!templateLogic.ValidateTemplateWithRequest(model, template))
{
throw new AdcsTemplateValidationException("Certificate request does not meet the requirements of the certificate template");
}
if (authorizationLogic.IsAuthorized(template, user))
{
CertificateRequest csr = certificateProvider.CreateCsrKeyPair(dataTransformation.NewCertificateSubjectFromModel(model), model.CipherAlgorithm, model.KeySize, model.Provider, SigningRequestProtocol.Pkcs10);
MicrosoftCertificateAuthority ca = configurationRepository.GetPrivateCertificateAuthority(model.HashAlgorithm);
CertificateAuthorityRequestResponse response = ca.Sign(csr, template.Name, template.KeyUsage);
CreatePrivateCertificateResult result = ProcessCertificateAuthorityResponse(model, response, csr.Subject, user);
this.Audit(result, user);
return(result);
}
else
{
return(ProcessNewPendingCertificateWorkflow(model));
}
}
