public CertifyApiClient(bool useDefaultCredentials = true, Shared.ServiceConfig config = null)
{
_serviceConfig = config ?? Certify.SharedUtils.ServiceConfigManager.GetAppServiceConfig();
_baseUri = $"{(_serviceConfig.UseHTTPS ? "https" : "http")}://{_serviceConfig.Host}:{_serviceConfig.Port}" + _baseUri;
#pragma warning disable SCS0004 // Certificate Validation has been disabled
if (_serviceConfig.UseHTTPS)
{
ServicePointManager.ServerCertificateValidationCallback += (obj, cert, chain, errors) =>
{
// ignore all cert errors when validating URL response
return(true);
};
}
#pragma warning restore SCS0004 // Certificate Validation has been disabled
if (useDefaultCredentials)
{
// use windows authentication
_client = new HttpClient(new HttpClientHandler()
{
UseDefaultCredentials = true
});
}
else
{
//alternative auth
_client = new HttpClient();
}
_client.DefaultRequestHeaders.Add("User-Agent", "Certify/App");
_client.Timeout = new TimeSpan(0, 20, 0); // 20 min timeout on service api calls
}
private void InitLogging(Shared.ServiceConfig serverConfig)
{
_loggingLevelSwitch = new Serilog.Core.LoggingLevelSwitch(Serilog.Events.LogEventLevel.Information);
SetLoggingLevel(serverConfig?.LogLevel);
_serviceLog = new Loggy(
new LoggerConfiguration()
.MinimumLevel.ControlledBy(_loggingLevelSwitch)
.WriteTo.Debug()
.WriteTo.File(Path.Combine(Util.GetAppDataFolder("logs"), "session.log"), shared: true, flushToDiskInterval: new TimeSpan(0, 0, 10), rollOnFileSizeLimit: true, fileSizeLimitBytes: 5 * 1024 * 1024)
.CreateLogger()
);
_serviceLog?.Information($"Logging started: {_loggingLevelSwitch.MinimumLevel}");
}
public CertifyManager(bool useWindowsNativeFeatures = true)
{
_useWindowsNativeFeatures = useWindowsNativeFeatures;
_serverConfig = SharedUtils.ServiceConfigManager.GetAppServiceConfig();
SettingsManager.LoadAppSettings();
InitLogging(_serverConfig);
Util.SetSupportedTLSVersions();
try
{
_itemManager = new ItemManager(null, _serviceLog);
if (!_itemManager.IsInitialised())
{
_serviceLog.Error($"Item Manager failed to initialise properly. Check service logs for more information.");
}
}
catch (Exception exp)
{
_serviceLog.Error($"Failed to open or upgrade the managed items database. Check service has required file access permissions. :: {exp}");
}
_credentialsManager = new CredentialsManager(useWindowsNativeFeatures);
_serverProvider = (ICertifiedServer) new ServerProviderIIS(_serviceLog);
_progressResults = new ObservableCollection <RequestProgressState>();
_pluginManager = new PluginManager();
_pluginManager.EnableExternalPlugins = CoreAppSettings.Current.IncludeExternalPlugins;
_pluginManager.LoadPlugins(new List <string> {
"Licensing", "DashboardClient", "DeploymentTasks", "CertificateManagers", "DnsProviders"
});
_migrationManager = new MigrationManager(_itemManager, _credentialsManager, _serverProvider);
LoadCertificateAuthorities();
// init remaining utilities and optionally enable telematics
_challengeDiagnostics = new ChallengeDiagnostics(CoreAppSettings.Current.EnableValidationProxyAPI);
if (CoreAppSettings.Current.EnableAppTelematics)
{
_tc = new Util().InitTelemetry(Locales.ConfigResources.AIInstrumentationKey);
}
_httpChallengePort = _serverConfig.HttpChallengeServerPort;
_httpChallengeServerClient.Timeout = new TimeSpan(0, 0, 20);
if (_tc != null)
{
_tc.TrackEvent("ServiceStarted");
}
_serviceLog?.Information("Certify Manager Started");
try
{
PerformAccountUpgrades().Wait();
}
catch (Exception exp)
{
_serviceLog.Error($"Failed to perform ACME account upgrades. :: {exp}");
}
PerformManagedCertificateMigrations().Wait();
}
