public void Install(ICertificateInstallModel model)
{
var cert = model.CertificateInfo;
using (var webSiteClient = ArmHelper.GetWebSiteManagementClient(azureEnvironment))
{
var s = webSiteClient.WebApps.GetSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName);
Trace.TraceInformation(String.Format("Installing certificate {0} on azure with server farm id {1}", cert.Name, s.ServerFarmId));
var newCert = new Certificate()
{
PfxBlob = cert.PfxCertificate,
Password = cert.Password,
Location = s.Location,
ServerFarmId = s.ServerFarmId,
Name = model.Host + "-" + cert.Certificate.Thumbprint
};
//BUG https://github.com/sjkp/letsencrypt-siteextension/issues/99
//using this will not install the certificate with the correct webSpace property set,
//and the app service will be unable to find the certificate if the app service plan has been moved between resource groups.
//webSiteClient.Certificates.CreateOrUpdate(azureEnvironment.ServicePlanResourceGroupName, cert.Certificate.Subject.Replace("CN=", ""), newCert);
var client = ArmHelper.GetHttpClient(azureEnvironment);
var body = JsonConvert.SerializeObject(newCert, JsonHelper.DefaultSerializationSettings);
var t = client.PutAsync($"/subscriptions/{azureEnvironment.SubscriptionId}/resourceGroups/{azureEnvironment.ServicePlanResourceGroupName}/providers/Microsoft.Web/certificates/{newCert.Name}?api-version=2016-03-01", new StringContent(body, Encoding.UTF8, "application/json")).Result;
t.EnsureSuccessStatusCode();
foreach (var dnsName in model.AllDnsIdentifiers)
{
var sslState = s.HostNameSslStates.FirstOrDefault(g => g.Name == dnsName);
if (sslState == null)
{
sslState = new HostNameSslState()
{
Name = model.Host,
SslState = settings.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled,
};
s.HostNameSslStates.Add(sslState);
}
else
{
//First time setting the HostNameSslState it is set to disabled.
sslState.SslState = settings.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled;
}
sslState.ToUpdate = true;
sslState.Thumbprint = cert.Certificate.Thumbprint;
}
webSiteClient.WebApps.BeginCreateOrUpdateSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName, s);
}
}
internal static HostNameSslState[] GetHostNameSslStatesFromSiteResponse(Site site, string hostName = null)
{
var hostNameSslState = new HostNameSslState[0];
if (site.HostNameSslStates != null)
{
hostNameSslState = site.HostNameSslStates.Where(h => h.SslState.HasValue && h.SslState.Value != SslState.Disabled).ToArray();
if (!string.IsNullOrEmpty(hostName))
{
hostNameSslState = hostNameSslState.Where(h => string.Equals(h.Name, hostName)).ToArray();
}
}
return(hostNameSslState);
}
public static void Install(Target target, string pfxFilename, X509Certificate2 certificate)
{
Console.WriteLine(String.Format("Installing certificate {0} on azure", pfxFilename));
Trace.TraceInformation(String.Format("Installing certificate {0} on azure", pfxFilename));
var bytes = File.ReadAllBytes(pfxFilename);
var pfx = Convert.ToBase64String(bytes);
var s = webSiteClient.Sites.GetSiteOrSlot(target.ResourceGroupName, target.WebAppName, target.SiteSlotName);
webSiteClient.Certificates.CreateOrUpdateCertificate(target.ServicePlanResourceGroupName, certificate.Subject.Replace("CN=", ""), new Certificate()
{
PfxBlob = pfx,
Password = settings.PFXPassword,
Location = s.Location,
});
foreach (var dnsName in target.AllDnsIdentifiers)
{
var sslState = s.HostNameSslStates.FirstOrDefault(g => g.Name == dnsName);
if (sslState == null)
{
sslState = new HostNameSslState()
{
Name = target.Host,
SslState = target.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled,
};
s.HostNameSslStates.Add(sslState);
}
else
{
//First time setting the HostNameSslState it is set to disabled.
sslState.SslState = target.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled;
}
sslState.ToUpdate = true;
sslState.Thumbprint = certificate.Thumbprint;
}
webSiteClient.Sites.BeginCreateOrUpdateSiteOrSlot(target.ResourceGroupName, target.WebAppName, target.SiteSlotName, s);
}
public override void Install(Target target, string pfxFilename, X509Store store, X509Certificate2 certificate)
{
var client = _webSiteManagementClient;
Console.WriteLine(String.Format("Installing certificate {0} on azure", pfxFilename));
var bytes = File.ReadAllBytes(pfxFilename);
var pfx = Convert.ToBase64String(bytes);
var s = client.Sites.GetSite(_resourceGroupname, _siteName);
client.Certificates.CreateOrUpdateCertificate(_resourceGroupname, certificate.Subject.Replace("CN=", ""), new Certificate()
{
PfxBlob = pfx,
Password = "",
Location = s.Location,
});
var sslState = s.HostNameSslStates.FirstOrDefault(g => g.Name == target.Host);
if (sslState == null)
{
sslState = new HostNameSslState()
{
Name = target.Host,
SslState = SslState.SniEnabled,
};
s.HostNameSslStates.Add(sslState);
}
else
{
//First time setting the HostNameSslState it is set to disabled.
sslState.SslState = SslState.SniEnabled;
}
sslState.ToUpdate = true;
sslState.Thumbprint = certificate.Thumbprint;
client.Sites.BeginCreateOrUpdateSite(_resourceGroupname, _siteName, s);
}
internal static HostNameSslState[] GetHostNameSslStatesFromSiteResponse(Site site, string hostName = null)
{
var hostNameSslState = new HostNameSslState[0];
if (site.HostNameSslStates != null)
{
hostNameSslState = site.HostNameSslStates.Where(h => h.SslState.HasValue && h.SslState.Value != SslState.Disabled).ToArray();
if (!string.IsNullOrEmpty(hostName))
{
hostNameSslState = hostNameSslState.Where(h => string.Equals(h.Name, hostName)).ToArray();
}
}
return hostNameSslState;
}
internal static WebSiteData DeserializeWebSiteData(JsonElement element)
{
Optional <ManagedServiceIdentity> identity = default;
Optional <ExtendedLocation> extendedLocation = default;
Optional <string> kind = default;
IDictionary <string, string> tags = default;
AzureLocation location = default;
ResourceIdentifier id = default;
string name = default;
ResourceType type = default;
SystemData systemData = default;
Optional <string> state = default;
Optional <IReadOnlyList <string> > hostNames = default;
Optional <string> repositorySiteName = default;
Optional <UsageState> usageState = default;
Optional <bool> enabled = default;
Optional <IReadOnlyList <string> > enabledHostNames = default;
Optional <SiteAvailabilityState> availabilityState = default;
Optional <IList <HostNameSslState> > hostNameSslStates = default;
Optional <string> serverFarmId = default;
Optional <bool> reserved = default;
Optional <bool> isXenon = default;
Optional <bool> hyperV = default;
Optional <DateTimeOffset> lastModifiedTimeUtc = default;
Optional <SiteConfigProperties> siteConfig = default;
Optional <IReadOnlyList <string> > trafficManagerHostNames = default;
Optional <bool> scmSiteAlsoStopped = default;
Optional <string> targetSwapSlot = default;
Optional <HostingEnvironmentProfile> hostingEnvironmentProfile = default;
Optional <bool> clientAffinityEnabled = default;
Optional <bool> clientCertEnabled = default;
Optional <ClientCertMode> clientCertMode = default;
Optional <string> clientCertExclusionPaths = default;
Optional <bool> hostNamesDisabled = default;
Optional <string> customDomainVerificationId = default;
Optional <string> outboundIpAddresses = default;
Optional <string> possibleOutboundIpAddresses = default;
Optional <int> containerSize = default;
Optional <int> dailyMemoryTimeQuota = default;
Optional <DateTimeOffset?> suspendedTill = default;
Optional <int?> maxNumberOfWorkers = default;
Optional <CloningInfo> cloningInfo = default;
Optional <string> resourceGroup = default;
Optional <bool> isDefaultContainer = default;
Optional <string> defaultHostName = default;
Optional <SlotSwapStatus> slotSwapStatus = default;
Optional <bool> httpsOnly = default;
Optional <RedundancyMode> redundancyMode = default;
Optional <Guid?> inProgressOperationId = default;
Optional <bool> storageAccountRequired = default;
Optional <string> keyVaultReferenceIdentity = default;
Optional <string> virtualNetworkSubnetId = default;
foreach (var property in element.EnumerateObject())
{
if (property.NameEquals("identity"))
{
if (property.Value.ValueKind == JsonValueKind.Null)
{
property.ThrowNonNullablePropertyIsNull();
continue;
}
identity = JsonSerializer.Deserialize <ManagedServiceIdentity>(property.Value.ToString());
continue;
}
if (property.NameEquals("extendedLocation"))
{
if (property.Value.ValueKind == JsonValueKind.Null)
{
property.ThrowNonNullablePropertyIsNull();
continue;
}
extendedLocation = ExtendedLocation.DeserializeExtendedLocation(property.Value);
continue;
}
if (property.NameEquals("kind"))
{
kind = property.Value.GetString();
continue;
}
if (property.NameEquals("tags"))
{
Dictionary <string, string> dictionary = new Dictionary <string, string>();
foreach (var property0 in property.Value.EnumerateObject())
{
dictionary.Add(property0.Name, property0.Value.GetString());
}
tags = dictionary;
continue;
}
if (property.NameEquals("location"))
{
location = property.Value.GetString();
continue;
}
if (property.NameEquals("id"))
{
id = new ResourceIdentifier(property.Value.GetString());
continue;
}
if (property.NameEquals("name"))
{
name = property.Value.GetString();
continue;
}
if (property.NameEquals("type"))
{
type = property.Value.GetString();
continue;
}
if (property.NameEquals("systemData"))
{
systemData = JsonSerializer.Deserialize <SystemData>(property.Value.ToString());
continue;
}
if (property.NameEquals("properties"))
{
if (property.Value.ValueKind == JsonValueKind.Null)
{
property.ThrowNonNullablePropertyIsNull();
continue;
}
foreach (var property0 in property.Value.EnumerateObject())
{
if (property0.NameEquals("state"))
{
state = property0.Value.GetString();
continue;
}
if (property0.NameEquals("hostNames"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
List <string> array = new List <string>();
foreach (var item in property0.Value.EnumerateArray())
{
array.Add(item.GetString());
}
hostNames = array;
continue;
}
if (property0.NameEquals("repositorySiteName"))
{
repositorySiteName = property0.Value.GetString();
continue;
}
if (property0.NameEquals("usageState"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
usageState = property0.Value.GetString().ToUsageState();
continue;
}
if (property0.NameEquals("enabled"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
enabled = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("enabledHostNames"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
List <string> array = new List <string>();
foreach (var item in property0.Value.EnumerateArray())
{
array.Add(item.GetString());
}
enabledHostNames = array;
continue;
}
if (property0.NameEquals("availabilityState"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
availabilityState = property0.Value.GetString().ToSiteAvailabilityState();
continue;
}
if (property0.NameEquals("hostNameSslStates"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
List <HostNameSslState> array = new List <HostNameSslState>();
foreach (var item in property0.Value.EnumerateArray())
{
array.Add(HostNameSslState.DeserializeHostNameSslState(item));
}
hostNameSslStates = array;
continue;
}
if (property0.NameEquals("serverFarmId"))
{
serverFarmId = property0.Value.GetString();
continue;
}
if (property0.NameEquals("reserved"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
reserved = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("isXenon"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
isXenon = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("hyperV"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
hyperV = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("lastModifiedTimeUtc"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
lastModifiedTimeUtc = property0.Value.GetDateTimeOffset("O");
continue;
}
if (property0.NameEquals("siteConfig"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
siteConfig = SiteConfigProperties.DeserializeSiteConfigProperties(property0.Value);
continue;
}
if (property0.NameEquals("trafficManagerHostNames"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
trafficManagerHostNames = null;
continue;
}
List <string> array = new List <string>();
foreach (var item in property0.Value.EnumerateArray())
{
array.Add(item.GetString());
}
trafficManagerHostNames = array;
continue;
}
if (property0.NameEquals("scmSiteAlsoStopped"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
scmSiteAlsoStopped = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("targetSwapSlot"))
{
targetSwapSlot = property0.Value.GetString();
continue;
}
if (property0.NameEquals("hostingEnvironmentProfile"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
hostingEnvironmentProfile = null;
continue;
}
hostingEnvironmentProfile = HostingEnvironmentProfile.DeserializeHostingEnvironmentProfile(property0.Value);
continue;
}
if (property0.NameEquals("clientAffinityEnabled"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
clientAffinityEnabled = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("clientCertEnabled"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
clientCertEnabled = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("clientCertMode"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
clientCertMode = property0.Value.GetString().ToClientCertMode();
continue;
}
if (property0.NameEquals("clientCertExclusionPaths"))
{
clientCertExclusionPaths = property0.Value.GetString();
continue;
}
if (property0.NameEquals("hostNamesDisabled"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
hostNamesDisabled = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("customDomainVerificationId"))
{
customDomainVerificationId = property0.Value.GetString();
continue;
}
if (property0.NameEquals("outboundIpAddresses"))
{
outboundIpAddresses = property0.Value.GetString();
continue;
}
if (property0.NameEquals("possibleOutboundIpAddresses"))
{
possibleOutboundIpAddresses = property0.Value.GetString();
continue;
}
if (property0.NameEquals("containerSize"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
containerSize = property0.Value.GetInt32();
continue;
}
if (property0.NameEquals("dailyMemoryTimeQuota"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
dailyMemoryTimeQuota = property0.Value.GetInt32();
continue;
}
if (property0.NameEquals("suspendedTill"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
suspendedTill = null;
continue;
}
suspendedTill = property0.Value.GetDateTimeOffset("O");
continue;
}
if (property0.NameEquals("maxNumberOfWorkers"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
maxNumberOfWorkers = null;
continue;
}
maxNumberOfWorkers = property0.Value.GetInt32();
continue;
}
if (property0.NameEquals("cloningInfo"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
cloningInfo = null;
continue;
}
cloningInfo = CloningInfo.DeserializeCloningInfo(property0.Value);
continue;
}
if (property0.NameEquals("resourceGroup"))
{
resourceGroup = property0.Value.GetString();
continue;
}
if (property0.NameEquals("isDefaultContainer"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
isDefaultContainer = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("defaultHostName"))
{
defaultHostName = property0.Value.GetString();
continue;
}
if (property0.NameEquals("slotSwapStatus"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
slotSwapStatus = null;
continue;
}
slotSwapStatus = SlotSwapStatus.DeserializeSlotSwapStatus(property0.Value);
continue;
}
if (property0.NameEquals("httpsOnly"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
httpsOnly = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("redundancyMode"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
redundancyMode = property0.Value.GetString().ToRedundancyMode();
continue;
}
if (property0.NameEquals("inProgressOperationId"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
inProgressOperationId = null;
continue;
}
inProgressOperationId = property0.Value.GetGuid();
continue;
}
if (property0.NameEquals("storageAccountRequired"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
storageAccountRequired = property0.Value.GetBoolean();
continue;
}
if (property0.NameEquals("keyVaultReferenceIdentity"))
{
keyVaultReferenceIdentity = property0.Value.GetString();
continue;
}
if (property0.NameEquals("virtualNetworkSubnetId"))
{
virtualNetworkSubnetId = property0.Value.GetString();
continue;
}
}
continue;
}
}
return(new WebSiteData(id, name, type, systemData, tags, location, kind.Value, identity, extendedLocation.Value, state.Value, Optional.ToList(hostNames), repositorySiteName.Value, Optional.ToNullable(usageState), Optional.ToNullable(enabled), Optional.ToList(enabledHostNames), Optional.ToNullable(availabilityState), Optional.ToList(hostNameSslStates), serverFarmId.Value, Optional.ToNullable(reserved), Optional.ToNullable(isXenon), Optional.ToNullable(hyperV), Optional.ToNullable(lastModifiedTimeUtc), siteConfig.Value, Optional.ToList(trafficManagerHostNames), Optional.ToNullable(scmSiteAlsoStopped), targetSwapSlot.Value, hostingEnvironmentProfile.Value, Optional.ToNullable(clientAffinityEnabled), Optional.ToNullable(clientCertEnabled), Optional.ToNullable(clientCertMode), clientCertExclusionPaths.Value, Optional.ToNullable(hostNamesDisabled), customDomainVerificationId.Value, outboundIpAddresses.Value, possibleOutboundIpAddresses.Value, Optional.ToNullable(containerSize), Optional.ToNullable(dailyMemoryTimeQuota), Optional.ToNullable(suspendedTill), Optional.ToNullable(maxNumberOfWorkers), cloningInfo.Value, resourceGroup.Value, Optional.ToNullable(isDefaultContainer), defaultHostName.Value, slotSwapStatus.Value, Optional.ToNullable(httpsOnly), Optional.ToNullable(redundancyMode), Optional.ToNullable(inProgressOperationId), Optional.ToNullable(storageAccountRequired), keyVaultReferenceIdentity.Value, virtualNetworkSubnetId.Value));
}
///GENMHASH:040FCD0915B61247DC4493834E39F655:A419F25EF828A0B88F2F3CAA051C4F14
internal HostNameSslBindingImpl(HostNameSslState inner, FluentImplT parent)
: base(inner)
{
this.parent = parent;
}
public static void Install(Target target, string pfxFilename, X509Certificate2 certificate)
{
Console.WriteLine(String.Format("Installing certificate {0} on azure", pfxFilename));
var bytes = File.ReadAllBytes(pfxFilename);
var pfx = Convert.ToBase64String(bytes);
var s = webSiteClient.Sites.GetSite(target.ResourceGroupName, target.WebAppName);
webSiteClient.Certificates.CreateOrUpdateCertificate(target.ResourceGroupName, certificate.Subject.Replace("CN=", ""), new Certificate()
{
PfxBlob = pfx,
Password = "",
Location = s.Location,
});
var sslState = s.HostNameSslStates.FirstOrDefault(g => g.Name == target.Host);
if (sslState == null)
{
sslState = new HostNameSslState()
{
Name = target.Host,
SslState = SslState.SniEnabled,
};
s.HostNameSslStates.Add(sslState);
}
else
{
//First time setting the HostNameSslState it is set to disabled.
sslState.SslState = SslState.SniEnabled;
}
sslState.ToUpdate = true;
sslState.Thumbprint = certificate.Thumbprint;
webSiteClient.Sites.BeginCreateOrUpdateSite(target.ResourceGroupName, target.WebAppName, s);
}
