Пример #1
        /// <summary>
        /// Updates the list of certificate templates issued by a Certification Authority. The method writes all certificate templates contained in
        /// the <see cref="Templates"/> property.
        /// </summary>
        /// <exception cref="UnauthorizedAccessException">
        /// The caller does not have sufficient permissions to make changes in the CA configuration.
        /// </exception>
        /// <exception cref="ServerUnavailableException">
        /// The target CA server could not be contacted via RPC/DCOM transport.
        /// </exception>
        /// <exception cref="NotSupportedException">One or more certificate templates are not supported by this CA version.</exception>
        /// <remarks>
        /// For this method to succeed, the caller must be granted CA <strong>Administrator</strong> permissions.
        /// </remarks>
        /// <returns>
        /// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated
        /// and the method returns <strong>False</strong>.
        /// </returns>
        /// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks>
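        public Boolean SetInfo()
        {
            // Nothing is written when the object has not been modified since it was created or last saved.
            if (!IsModified)
            {
                return false;
            }

            // An unreachable CA host is reported as ServerUnavailableException, tagged with the DCOM transport.
            if (!CertificateAuthority.Ping(ComputerName))
            {
                ServerUnavailableException e = new ServerUnavailableException(DisplayName);
                e.Data.Add(nameof(e.Source), OfflineSource.DCOM);
                throw e;
            }

            // The property value is one flat string: for every template its name and then its OID,
            // each terminated by '\n'. The whole list is written in a single call, so an empty
            // Templates array writes an empty string.
            // NOTE(review): names and OID values are joined without checking for embedded line breaks;
            // this assumes template names never contain '\n' -- confirm against the template source.
            StringBuilder sb = new StringBuilder();
            foreach (CertificateTemplate item in Templates)
            {
                sb.Append(item.Name).Append('\n');
                sb.Append(item.OID.Value).Append('\n');
            }

            CCertAdmin certAdmin = new CCertAdmin();
            try {
                certAdmin.SetCAProperty(ConfigString, CertAdmConst.CrPropTemplates, 0, CertAdmConst.ProptypeString, sb.ToString());
            } catch (Exception e) {
                // Failures from the admin interface are translated by the project's COM error handler.
                throw Error.ComExceptionHandler(e);
            } finally {
                // Release the admin object deterministically instead of leaving it to the garbage collector.
                // CCertAdmin is assumed to be a COM interop wrapper (TODO confirm).
                System.Runtime.InteropServices.Marshal.ReleaseComObject(certAdmin);
            }

            // Only reached when the write succeeded, so a failed update stays marked as pending.
            IsModified = false;
            return true;
        }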
Пример #2
 /// <summary>
 /// Updates KRA configuration by writing KRA certificates to Certification Authority. The method writes all certificates contained in
 /// <see cref="Certificate"/> property.
 /// </summary>
 /// <param name="restart">
 /// Indicates whether to restart certificate services to immediately apply changes. Updated settings have no effect until
 /// the CA service is restarted.
 /// </param>
 ///  <exception cref="UnauthorizedAccessException">
 /// The caller does not have sufficient permissions to make changes in the CA configuration.
 /// </exception>
 /// <exception cref="ServerUnavailableException">
 /// The target CA server could not be contacted via RPC/DCOM transport.
 /// </exception>
 /// <remarks>
 /// <para>This method does not check whether the certificates in the <see cref="Certificate"/> property are valid.
 /// The caller is responsible for checking that the certificates are time-valid, trusted and not revoked.</para>
 /// </remarks>
 /// <returns>
 /// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated
 /// and the method returns <strong>False</strong>.
 /// </returns>
 /// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks>
 public Boolean SetInfo(Boolean restart)
 {
     // Unmodified object: leave the CA configuration alone and report that nothing changed.
     if (!IsModified)
     {
         return false;
     }

     // An unreachable CA host is reported as ServerUnavailableException, tagged with the DCOM transport.
     if (!CertificateAuthority.Ping(ComputerName))
     {
         ServerUnavailableException unavailable = new ServerUnavailableException(DisplayName);
         unavailable.Data.Add(nameof(unavailable.Source), OfflineSource.DCOM);
         throw unavailable;
     }

     CCertAdmin admin = new CCertAdmin();
     try
     {
         if (_certs.Count == 0)
         {
             // No KRA certificates configured: zero both counters.
             admin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertcount, 0, CertAdmConst.ProptypeLong, 0);
             admin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertusedcount, 0, CertAdmConst.ProptypeLong, 0);
         }
         else
         {
             // Reset the stored certificate count first when the CA already holds KRA certificates.
             Int32 existing = (Int32)admin.GetCAProperty(ConfigString, CertAdmConst.CrPropKracertcount, 0, CertAdmConst.ProptypeLong, 0);
             if (existing > 0)
             {
                 admin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertcount, 0, CertAdmConst.ProptypeLong, 0);
             }

             // Certificates are written as-is, one per index. Nothing here checks validity period,
             // chain trust or revocation; the method documentation leaves that to the caller. KRA
             // certificates are what the CA uses for key archival, so they should be vetted before this call.
             for (Int32 slot = 0; slot < _certs.Count; slot++)
             {
                 String encoded = CryptographyUtils.EncodeDerString(_certs[slot].RawData);
                 admin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracert, slot, CertAdmConst.ProptypeBinary, encoded);
             }

             admin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertusedcount, 0, CertAdmConst.ProptypeLong, _certs.Count);
         }
     }
     catch (Exception ex)
     {
         // Failures from the admin interface are translated by the project's COM error handler.
         throw Error.ComExceptionHandler(ex);
     }
     finally
     {
         // The admin COM object is released whether or not the update succeeded.
         CryptographyUtils.ReleaseCom(admin);
     }

     // Only reached on success; the optional service restart follows the completed write.
     IsModified = false;
     if (restart)
     {
         CertificateAuthority.Restart(ComputerName);
     }

     return true;
 }
Пример #3
        /// <inheritdoc />
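        public void SetTemplates(CertificateTemplate[] templates)
        {
            if (templates == null)
            {
                throw new ArgumentNullException(nameof(templates));
            }

            // The property value is one flat string: for every template its name and then its OID,
            // each terminated by '\n'. The whole list is written in a single call, so an empty
            // array writes an empty string.
            // NOTE(review): names and OID values are joined without checking for embedded line breaks;
            // this assumes template names never contain '\n' -- confirm against the template source.
            var sb = new StringBuilder();
            foreach (CertificateTemplate item in templates)
            {
                sb.Append(item.Name).Append('\n');
                sb.Append(item.OID.Value).Append('\n');
            }

            var certAdmin = new CCertAdmin();
            try {
                certAdmin.SetCAProperty(_configString, CertAdmConstants.CrPropTemplates, 0, CertAdmConstants.ProptypeString, sb.ToString());
            } catch (Exception e) {
                // Failures from the admin interface are translated by the project's COM error handler.
                throw Error.ComExceptionHandler(e);
            } finally {
                // Release the admin object deterministically instead of leaving it to the garbage collector.
                // CCertAdmin is assumed to be a COM interop wrapper (TODO confirm).
                System.Runtime.InteropServices.Marshal.ReleaseComObject(certAdmin);
            }
        }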