public WinCertesOptions()
{
_logger.Debug("Initialising WinCertesOptions()...");
Registry = new RegistryConfig(null);
if (Registry.Initialised)
{
ReadOptionsFromConfiguration(Registry);
IsNew = AccountKey == null && AccountEmail == null;
Initialised = true;
}
}
public WinCertesOptions(string certificateName)
{
_logger.Debug("Initialising WinCertesOptions({0})...", certificateName);
Registry = new RegistryConfig(certificateName);
CertificateName = certificateName;
IsDefaultCertificate = false;
if (Registry.Initialised)
{
ReadOptionsFromConfiguration(Registry);
IsNew = AccountKey == null && AccountEmail == null && Domains.Count == 0 && !Registry.IsThereConfigParam("certExpDate");
Initialised = true;
}
}
static int Main(string[] args)
{
// Main parameters with their default values
string taskName = null;
_winCertesOptions = new WinCertesOptions();
if (!Utils.IsAdministrator())
{
Console.WriteLine("WinCertes.exe must be launched as Administrator"); return(ERROR);
}
// Command line options handling and initialization stuff
if (!HandleOptions(args))
{
return(ERROR_INCORRECT_PARAMETER);
}
if (_periodic)
{
taskName = Utils.DomainsToFriendlyName(_domains);
}
InitWinCertesDirectoryPath();
Utils.ConfigureLogger(_winCertesPath);
_config = new RegistryConfig(_extra);
_winCertesOptions.WriteOptionsIntoConfiguration(_config);
if (_show)
{
_winCertesOptions.displayOptions(_config); return(0);
}
// Reset is a full reset !
if (_reset)
{
IConfig baseConfig = new RegistryConfig(false);
baseConfig.DeleteAllParameters();
Utils.DeleteScheduledTasks();
return(0);
}
// Initialization and renewal/revocation handling
try
{
InitCertesWrapper(_winCertesOptions.ServiceUri, _winCertesOptions.Email);
}
catch (Exception e) { _logger.Error(e.Message); return(ERROR); }
if (_winCertesOptions.Revoke > -1)
{
RevokeCert(_domains, _winCertesOptions.Revoke); return(0);
}
// default mode: enrollment/renewal. check if there's something to be done
// note that in any case, we want to be able to set the scheduled task (won't do anything if taskName is null)
if (!IsThereCertificateAndIsItToBeRenewed(_domains))
{
Utils.CreateScheduledTask(taskName, _domains, _extra); return(0);
}
// Now the real stuff: we register the order for the domains, and have them validated by the ACME service
IHTTPChallengeValidator httpChallengeValidator = HTTPChallengeValidatorFactory.GetHTTPChallengeValidator(_winCertesOptions.Standalone, _winCertesOptions.HttpPort, _winCertesOptions.WebRoot);
IDNSChallengeValidator dnsChallengeValidator = DNSChallengeValidatorFactory.GetDNSChallengeValidator(_config);
if ((httpChallengeValidator == null) && (dnsChallengeValidator == null))
{
WriteErrorMessageWithUsage(_options, "Specify either an HTTP or a DNS validation method."); return(ERROR_INCORRECT_PARAMETER);
}
if (!(Task.Run(() => _certesWrapper.RegisterNewOrderAndVerify(_domains, httpChallengeValidator, dnsChallengeValidator)).GetAwaiter().GetResult()))
{
if (httpChallengeValidator != null)
{
httpChallengeValidator.EndAllChallengeValidations();
}
return(ERROR);
}
if (httpChallengeValidator != null)
{
httpChallengeValidator.EndAllChallengeValidations();
}
// We get the certificate from the ACME service
var pfxName = Task.Run(() => _certesWrapper.RetrieveCertificate(_domains, _winCertesPath, Utils.DomainsToFriendlyName(_domains))).GetAwaiter().GetResult();
if (pfxName == null)
{
return(ERROR);
}
AuthenticatedPFX pfx = new AuthenticatedPFX(_winCertesPath + "\\" + pfxName, _certesWrapper.PfxPassword);
CertificateStorageManager certificateStorageManager = new CertificateStorageManager(pfx, ((_winCertesOptions.Csp == null) && (!_winCertesOptions.noCsp)));
// Let's process the PFX into Windows Certificate objet.
certificateStorageManager.ProcessPFX();
// and we write its information to the WinCertes configuration
RegisterCertificateIntoConfiguration(certificateStorageManager.Certificate, _domains);
// Import the certificate into the Windows store
if (!_winCertesOptions.noCsp)
{
certificateStorageManager.ImportCertificateIntoCSP(_winCertesOptions.Csp);
}
// Bind certificate to IIS Site (won't do anything if option is null)
Utils.BindCertificateForIISSite(certificateStorageManager.Certificate, _winCertesOptions.BindName);
// Execute PowerShell Script (won't do anything if option is null)
Utils.ExecutePowerShell(_winCertesOptions.ScriptFile, pfx);
// Create the AT task that will execute WinCertes periodically (won't do anything if taskName is null)
Utils.CreateScheduledTask(taskName, _domains, _extra);
// Let's delete the PFX file
RemoveFileAndLog(pfx.PfxFullPath);
return(0);
}
