static async Task Main(string[] args)
{
Uri baseAddress = new Uri(Helper.BaseAddress);
//var ep = new Uri(Helper.UnSecure);
// Create the ServiceHost.
using (ServiceHost host = new ServiceHost(typeof(HelloWorldService), baseAddress))
{
// Enable metadata publishing.
ServiceMetadataBehavior smb = new ServiceMetadataBehavior();
host.Description.Behaviors.Add(smb);
host.AddServiceEndpoint(typeof(IMetadataExchange),
MetadataExchangeBindings.CreateMexTcpBinding(), "mex");
host.AddServiceEndpoint(typeof(IHelloWorldService),
Helper.Binding(SecurityMode.Transport), Helper.UnSecure);
var amazonCertificateManager = new AmazonCertificateManagerClient(Amazon.RegionEndpoint.USWest2);
var certManager = new CertifcateManager.AcmClient(amazonCertificateManager);
var cert = await certManager.GetCertificate(certArn);
//var cert = Helper.GetCertificate();
host.Credentials.ServiceCertificate.Certificate = cert;
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
host.Credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
host.Open();
Console.WriteLine($"The service is ready\n meta:{baseAddress}\n Binding Address:{Helper.UnSecure}");
Console.WriteLine("Press <Enter> to stop the service.");
Console.ReadLine();
// Close the ServiceHost.
host.Close();
}
}
public override void Invoke(AWSCredentials creds, RegionEndpoint region, int maxItems)
{
AmazonCertificateManagerConfig config = new AmazonCertificateManagerConfig();
config.RegionEndpoint = region;
ConfigureClient(config);
AmazonCertificateManagerClient client = new AmazonCertificateManagerClient(creds, config);
ListCertificatesResponse resp = new ListCertificatesResponse();
do
{
ListCertificatesRequest req = new ListCertificatesRequest
{
NextToken = resp.NextToken
,
MaxItems = maxItems
};
resp = client.ListCertificates(req);
CheckError(resp.HttpStatusCode, "200");
foreach (var obj in resp.CertificateSummaryList)
{
AddObject(obj);
}
}while (!string.IsNullOrEmpty(resp.NextToken));
}
/// <summary>
/// Retrieves a list of the certificates defined in this region.
/// </summary>
/// <param name="client">The ACM client object passed to the
/// ListCertificateResAsync method call.</param>
/// <param name="request"></param>
/// <returns></returns>
static async Task <ListCertificatesResponse> ListCertificatesResponseAsync(AmazonCertificateManagerClient client)
{
var request = new ListCertificatesRequest();
var response = await client.ListCertificatesAsync(request);
return(response);
}
static void Main(string[] args)
{
var _client = new AmazonCertificateManagerClient(ACMRegion);
var certificateList = ListCertificatesResponseAsync(client: _client);
Console.WriteLine("Certificate Summary List\n");
foreach (var certificate in certificateList.Result.CertificateSummaryList)
{
Console.WriteLine($"Certificate Domain: {certificate.DomainName}");
Console.WriteLine($"Certificate ARN: {certificate.CertificateArn}\n");
}
}
protected IAmazonCertificateManager CreateClient(AWSCredentials credentials, RegionEndpoint region)
{
var config = new AmazonCertificateManagerConfig {
RegionEndpoint = region
};
Amazon.PowerShell.Utils.Common.PopulateConfig(this, config);
this.CustomizeClientConfig(config);
var client = new AmazonCertificateManagerClient(credentials, config);
client.BeforeRequestEvent += RequestEventHandler;
client.AfterResponseEvent += ResponseEventHandler;
return(client);
}
/// <summary>
/// Validate the certificate on ARN. The ARN is stored in the appsettings.json.
///
/// The X509Certificate2 is injected into this class.
///
/// </summary>
/// <param name="clientCertificate"></param>
/// <param name="arn"></param>
/// <returns></returns>
public bool ValidateCertificate(X509Certificate2 clientCertificate, string arn)
{
bool validCert = false;
try
{
Log.Information("Before Validate Certificate");
AmazonCertificateManagerClient client = new AmazonCertificateManagerClient();
var certificates = client.GetCertificateAsync(arn).Result;
var handler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
SslProtocols = SslProtocols.Tls12
};
byte[] toBytes = Encoding.ASCII.GetBytes(certificates.Certificate);
var cert = new X509Certificate2(toBytes);
handler.ClientCertificates.Add(cert);
var httpClient = new HttpClient(handler);
// I removed the issuer name for security reasons
if (cert.IssuerName.Name == "Dummy Issues Name")
{
validCert = true;
Log.Information("Valid Certificate Found!");
}
}
catch (Exception ex)
{
Log.Error("Error in Validate Certificate: " + ex.Message);
}
return(validCert);
}
static async Task <DescribeCertificateResponse> DescribeCertificateResponseAsync(AmazonCertificateManagerClient client, DescribeCertificateRequest request)
{
var response = await client.DescribeCertificateAsync(request);
return(response);
}
/// <summary>
/// Retrieves the metadata associated with the ACM service certificate.
/// </summary>
/// <param name="client">An AmazonCertificateManagerClient object
/// used to call DescribeCertificateResponse.</param>
/// <param name="request">The DescribeCertificateRequest object that
/// will be passed to the method call.</param>
/// <returns></returns>
static async Task <DescribeCertificateResponse> DescribeCertificateResponseAsync(AmazonCertificateManagerClient client, DescribeCertificateRequest request)
{
var response = new DescribeCertificateResponse();
try
{
response = await client.DescribeCertificateAsync(request);
}
catch (InvalidArnException ex)
{
Console.WriteLine($"Error: The ARN specified is invalid.");
}
catch (ResourceNotFoundException ex)
{
Console.WriteLine($"Error: The specified certificate cound not be found.");
}
return(response);
}
public ACMHelper(int maxDegreeOfParalelism = 2)
{
_maxDegreeOfParalelism = maxDegreeOfParalelism;
_client = new AmazonCertificateManagerClient();
}
