public async Task TestWebPersistDelete()
{
var testObj = new BlobStorageAuthorizationChallengeProvider(ConfigurationManager.AppSettings[AppSettingsAuthConfig.authorizationChallengeBlobStorageAccount], "$web");
await testObj.PersistsChallengeFile(FilePath, FileContent);
await testObj.CleanupChallengeFile(FilePath);
}
public async Task TestWebPersistDelete()
{
var testObj = new BlobStorageAuthorizationChallengeProvider(ConfigurationManager.AppSettings[AppSettingsAuthConfig.authorizationChallengeBlobStorageAccount], "$web");
ACMESharp.ACME.HttpChallenge challenge = new ACMESharp.ACME.HttpChallenge("http", new HttpChallengeAnswer())
{
FileContent = "test",
FilePath = "/.well-known/acme-challenge/aBAasda234"
};
await testObj.PersistsChallengeFile(challenge);
await testObj.CleanupChallengeFile(challenge);
}
private static async Task RenewCore(RenewalParameters renewalParams)
{
Trace.TraceInformation("Generating SSL certificate with parameters: {0}", renewalParams);
Trace.TraceInformation("Generating secure PFX password for '{0}'...", renewalParams.WebApp);
var pfxPassData = new byte[32];
s_randomGenerator.GetBytes(pfxPassData);
Trace.TraceInformation(
"Adding SSL cert for '{0}{1}'...",
renewalParams.WebApp,
renewalParams.GroupName == null ? String.Empty : $"[{renewalParams.GroupName}]");
CertificateManager manager;
if (renewalParams.AuthorizationChallengeBlobStorageAccount == null)
{
manager = CertificateManager.CreateKuduWebAppCertificateManager(
new AzureWebAppEnvironment(
renewalParams.TenantId,
renewalParams.SubscriptionId,
renewalParams.ClientId,
renewalParams.ClientSecret,
renewalParams.ResourceGroup,
renewalParams.WebApp,
renewalParams.ServicePlanResourceGroup,
renewalParams.SiteSlotName)
{
AzureWebSitesDefaultDomainName = renewalParams.AzureDefaultWebsiteDomainName ?? DefaultWebsiteDomainName,
AuthenticationEndpoint = renewalParams.AuthenticationUri ?? new Uri(DefaultAuthenticationUri),
ManagementEndpoint = renewalParams.AzureManagementEndpoint ?? new Uri(DefaultManagementEndpoint),
TokenAudience = renewalParams.AzureTokenAudience ?? new Uri(DefaultAzureTokenAudienceService)
},
new AcmeConfig
{
Host = renewalParams.Hosts[0],
AlternateNames = renewalParams.Hosts.Skip(1).ToList(),
RegistrationEmail = renewalParams.Email,
RSAKeyLength = renewalParams.RsaKeyLength,
PFXPassword = Convert.ToBase64String(pfxPassData),
BaseUri = (renewalParams.AcmeBaseUri ?? new Uri(DefaultAcmeBaseUri)).ToString()
},
new CertificateServiceSettings {
UseIPBasedSSL = renewalParams.UseIpBasedSsl
},
new AuthProviderConfig());
}
else
{
var blobProvider = new BlobStorageAuthorizationChallengeProvider(renewalParams.AuthorizationChallengeBlobStorageAccount.ToString());
var azureWebAppEnvironment = new AzureWebAppEnvironment(
renewalParams.TenantId,
renewalParams.SubscriptionId,
renewalParams.ClientId,
renewalParams.ClientSecret,
renewalParams.ResourceGroup,
renewalParams.WebApp,
renewalParams.ServicePlanResourceGroup,
renewalParams.SiteSlotName)
{
AzureWebSitesDefaultDomainName = renewalParams.AzureDefaultWebsiteDomainName ?? DefaultWebsiteDomainName,
AuthenticationEndpoint = renewalParams.AuthenticationUri ?? new Uri(DefaultAuthenticationUri),
ManagementEndpoint = renewalParams.AzureManagementEndpoint ?? new Uri(DefaultManagementEndpoint),
TokenAudience = renewalParams.AzureTokenAudience ?? new Uri(DefaultAzureTokenAudienceService)
};
manager = new CertificateManager(
azureWebAppEnvironment,
new AcmeConfig
{
Host = renewalParams.Hosts[0],
AlternateNames = renewalParams.Hosts.Skip(1).ToList(),
RegistrationEmail = renewalParams.Email,
RSAKeyLength = renewalParams.RsaKeyLength,
PFXPassword = Convert.ToBase64String(pfxPassData),
BaseUri = (renewalParams.AcmeBaseUri ?? new Uri(DefaultAcmeBaseUri)).ToString()
},
new WebAppCertificateService(azureWebAppEnvironment, new CertificateServiceSettings {
UseIPBasedSSL = renewalParams.UseIpBasedSsl
}),
blobProvider);
}
if (renewalParams.RenewXNumberOfDaysBeforeExpiration > 0)
{
await manager.RenewCertificate(false, renewalParams.RenewXNumberOfDaysBeforeExpiration);
}
else
{
await manager.AddCertificate();
}
Trace.TraceInformation("SSL cert added successfully to '{0}'", renewalParams.WebApp);
}
