Пример #1
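        /// <summary>
        /// Finalizes the pending ACME order for <c>config.PrimaryDomain</c>: builds a CSR from the
        /// order's authorized identifiers, downloads the issued certificate and writes it, together
        /// with the newly generated private key, to a PFX file under the settings folder.
        /// </summary>
        /// <param name="primaryDnsIdentifier">Not read by this method; the primary name is taken from <paramref name="config"/>.</param>
        /// <param name="alternativeDnsIdentifiers">Not read by this method; SANs are taken from the order's authorizations.</param>
        /// <param name="config">Request configuration; <c>PrimaryDomain</c> selects the order and becomes the subject CN.</param>
        /// <returns>A result with <c>IsSuccess = true</c> and <c>Result</c> set to the path of the written PFX file.</returns>
        public async Task<ProcessStepResult> PerformCertificateRequestProcess(string primaryDnsIdentifier, string[] alternativeDnsIdentifiers, CertRequestConfig config)
        {
            // Look up the order previously stored for this primary domain (throws if none exists).
            var orderContext = _currentOrders[config.PrimaryDomain];

            // Refresh the order from the server; the returned resource itself is not needed here.
            await orderContext.Resource();

            // Fresh private key for this certificate; it is later embedded in the PFX written below.
            var csrKey = KeyFactory.NewKey(KeyAlgorithm.RS256);

            // Alternative to certes IOrderContextExtension.Finalize: build the CSR by hand.
            var builder = new CertificationRequestBuilder(csrKey);

            foreach (var authzCtx in await orderContext.Authorizations())
            {
                var authz = await authzCtx.Resource();
                var identifier = authz.Identifier.Value;

                // Only add a domain to the SAN list if it is not already present and is not the
                // base name derived from the wildcard primary domain (e.g. test.com from *.test.com).
                if (!builder.SubjectAlternativeNames.Contains(identifier)
                    && config.PrimaryDomain != $"*.{identifier}")
                {
                    builder.SubjectAlternativeNames.Add(identifier);
                }
            }

            // If the main request is for a wildcard domain, add that to the SAN list.
            // Ordinal comparison: this is a protocol identifier, not linguistic text.
            if (config.PrimaryDomain.StartsWith("*.", StringComparison.Ordinal))
            {
                builder.SubjectAlternativeNames.Add(config.PrimaryDomain);
            }

            // Add the subject CN exactly once. The previous code added the primary domain as CN
            // unconditionally and then added a second CN from the first SAN when the primary
            // domain was blank.
            var commonName = string.IsNullOrWhiteSpace(config.PrimaryDomain)
                ? builder.SubjectAlternativeNames[0]
                : config.PrimaryDomain;
            builder.AddName("CN", commonName);

            // NOTE(review): the order returned by Finalize is not inspected; this relies on
            // Download() failing if issuance did not succeed. Confirm, or check the order status.
            await orderContext.Finalize(builder.Generate());

            var pem = await orderContext.Download();

            var cert = new CertificateInfo(pem, csrKey);

            var certFriendlyName = config.PrimaryDomain + "[Certify]";
            var certFolderPath   = _settingsFolder + "\\assets\\pfx";

            // CreateDirectory is a no-op when the folder already exists, so no Exists() pre-check
            // (which would only add a check-then-create race).
            System.IO.Directory.CreateDirectory(certFolderPath);

            // Random file name so repeated requests never overwrite an earlier PFX.
            string certFile = Guid.NewGuid().ToString() + ".pfx";
            string pfxPath  = certFolderPath + "\\" + certFile;

            // SECURITY NOTE(review): the PFX is exported with an empty password, so the private key
            // on disk is protected only by the file-system permissions of the settings folder.
            // Left unchanged because consumers of this file presumably open it with an empty
            // password; restrict the folder ACL or move to a protected export and update callers.
            System.IO.File.WriteAllBytes(pfxPath, cert.ToPfx(certFriendlyName, ""));

            return new ProcessStepResult
            {
                IsSuccess = true,
                Result = pfxPath
            };
        }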