Пример #1
0
        public byte[] GenerateComCert(int comServerId)
        {
            var comServer = GetServer(comServerId);

            if (comServer == null)
            {
                return(null);
            }

            var iCert = new ServiceCertificate().GetIntermediate();
            var site  = new Uri(comServer.Url);
            var intermediateEntity = new ServiceCertificate().GetIntermediateEntity();
            var pass             = new EncryptionServices().DecryptText(intermediateEntity.Password);
            var intermediateCert = new X509Certificate2(intermediateEntity.PfxBlob, pass, X509KeyStorageFlags.Exportable);
            var certRequest      = new CertificateRequest();
            var organization     = ServiceSetting.GetSettingValue(SettingStrings.CertificateOrganization);

            certRequest.SubjectName = string.Format($"CN={site.Host}");
            certRequest.NotBefore   = DateTime.UtcNow;
            certRequest.NotAfter    = certRequest.NotBefore.AddYears(10);
            var certificate = new ServiceGenerateCertificate(certRequest).IssueCertificate(intermediateCert, false, true);

            var bytes = certificate.Export(X509ContentType.Pfx);

            return(bytes);
        }
Пример #2
0
        public bool GenerateCAandInt()
        {
            var isAllowed = ConfigurationManager.AppSettings["AllowCAGen"];

            if (!isAllowed.ToLower().Equals("true"))
            {
                Logger.Debug("Certificates cannot be generated without updating the web.config key AllowCAGen");
                return(false);
            }

            var certRequest  = new CertificateRequest();
            var organization = new ServiceSetting().GetSetting(SettingStrings.CertificateOrganization);

            if (organization == null)
            {
                return(false);
            }
            if (string.IsNullOrEmpty(organization.Value))
            {
                return(false);
            }
            certRequest.SubjectName = string.Format("O={0},CN=Toems CA", organization.Value);
            certRequest.NotBefore   = DateTime.UtcNow;
            certRequest.NotAfter    = certRequest.NotBefore.AddYears(20);
            var authCertificate = new ServiceGenerateCertificate(certRequest).CreateCertificateAuthorityCertificate();

            var c = new EntityCertificate();

            c.NotAfter  = authCertificate.NotAfter;
            c.NotBefore = authCertificate.NotBefore;
            c.Serial    = authCertificate.SerialNumber;
            var pfxPass = Membership.GeneratePassword(10, 0);

            c.Password    = new EncryptionServices().EncryptText(pfxPass);
            c.PfxBlob     = authCertificate.Export(X509ContentType.Pfx, pfxPass);
            c.SubjectName = authCertificate.Subject;
            c.Type        = EnumCertificate.CertificateType.Authority;

            var existingCA =
                _uow.CertificateRepository.GetFirstOrDefault(x => x.Type == EnumCertificate.CertificateType.Authority);

            if (existingCA != null)
            {
                _uow.CertificateRepository.Delete(existingCA.Id);
            }

            _uow.CertificateRepository.Insert(c);

            //intermediate
            var intRequest = new CertificateRequest();

            intRequest.SubjectName = string.Format("O={0},CN=Toems Intermediate", organization.Value);
            intRequest.NotBefore   = DateTime.UtcNow;
            intRequest.NotAfter    = intRequest.NotBefore.AddYears(20);
            var intCertificate = new ServiceGenerateCertificate(intRequest).IssueCertificate(authCertificate, true, false);

            var ce = new EntityCertificate();

            ce.NotAfter  = intCertificate.NotAfter;
            ce.NotBefore = intCertificate.NotBefore;
            ce.Serial    = intCertificate.SerialNumber;
            var pfxPassInt = Membership.GeneratePassword(10, 0);

            ce.Password    = new EncryptionServices().EncryptText(pfxPassInt);
            ce.PfxBlob     = intCertificate.Export(X509ContentType.Pfx, pfxPassInt);
            ce.SubjectName = intCertificate.Subject;
            ce.Type        = EnumCertificate.CertificateType.Intermediate;


            var existingInt =
                _uow.CertificateRepository.GetFirstOrDefault(x => x.Type == EnumCertificate.CertificateType.Intermediate);

            if (existingInt != null)
            {
                _uow.CertificateRepository.Delete(existingInt.Id);
            }

            _uow.CertificateRepository.Insert(ce);

            _uow.Save();



            return(true);
        }