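/// <summary>
/// Generates the self-signed root CA certificate: creates the RSA key pair, stores the
/// private key in the keystore file, builds and signs the certificate, adds it to the
/// same keystore, and writes the encoded certificate to
/// <c>rootCertificateAuthority.CertificateFileName</c>.
/// </summary>
/// <param name="rootCertificateAuthority">The root certificate authority.</param>
/// <remarks>
/// The keystore now stays open until the signed certificate has been added to it; the
/// earlier version closed the keyset and then passed the stale handle to AddPublicKey.
/// All cryptlib handles are released in finally blocks so a failure part-way through
/// does not leave the private-key context alive.
/// NOTE(review): no validity period or key usage is set here, so whatever cryptlib
/// applies by default is used; confirm that is what a root CA should carry.
/// </remarks>
private void GenerateRootCaCertificate(CertificateAuthorityConfiguration rootCertificateAuthority)
{
    /* Create an RSA public/private key context, set a label for it, and generate a key into it */
    var caKeyPair = crypt.CreateContext(crypt.UNUSED, crypt.ALGO_RSA);
    try
    {
        crypt.SetAttributeString(caKeyPair, crypt.CTXINFO_LABEL, rootCertificateAuthority.KeyLabel);
        // The key size is passed in bytes: 2048 / 8 requests a 2048-bit key.
        crypt.SetAttribute(caKeyPair, crypt.CTXINFO_KEYSIZE, 2048 / 8);
        crypt.GenerateKey(caKeyPair);

        /* Create the file keystore and save the private key, protected by the configured password */
        var caKeyStore = crypt.KeysetOpen(crypt.UNUSED, crypt.KEYSET_FILE, rootCertificateAuthority.KeystoreFileName, crypt.KEYOPT_CREATE);
        try
        {
            crypt.AddPrivateKey(caKeyStore, caKeyPair, rootCertificateAuthority.PrivateKeyPassword);

            var certificate = crypt.CreateCert(crypt.UNUSED, crypt.CERTTYPE_CERTIFICATE);
            try
            {
                crypt.SetAttribute(certificate, crypt.CERTINFO_SUBJECTPUBLICKEYINFO, caKeyPair);

                /* Subject distinguished name */
                var distinguishedName = rootCertificateAuthority.DistinguishedName;
                crypt.SetAttributeString(certificate, crypt.CERTINFO_COUNTRYNAME, distinguishedName.Country);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_STATEORPROVINCENAME, distinguishedName.State);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_LOCALITYNAME, distinguishedName.Locality);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_ORGANIZATIONNAME, distinguishedName.Organization);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_ORGANIZATIONALUNITNAME, distinguishedName.OrganizationalUnit);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_COMMONNAME, distinguishedName.CommonName);

                /* Mark the certificate as a self-signed CA certificate */
                crypt.SetAttribute(certificate, crypt.CERTINFO_SELFSIGNED, 1);
                crypt.SetAttribute(certificate, crypt.CERTINFO_CA, 1);

                /* Select each authority-info entry in turn, then set the URL that belongs to it */
                crypt.SetAttribute(certificate, crypt.ATTRIBUTE_CURRENT, crypt.CERTINFO_AUTHORITYINFO_CERTSTORE);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_UNIFORMRESOURCEIDENTIFIER, rootCertificateAuthority.CertStoreUrl);
                crypt.SetAttribute(certificate, crypt.ATTRIBUTE_CURRENT, crypt.CERTINFO_AUTHORITYINFO_OCSP);
                crypt.SetAttributeString(certificate, crypt.CERTINFO_UNIFORMRESOURCEIDENTIFIER, rootCertificateAuthority.OcspUrl);

                crypt.SignCert(certificate, caKeyPair);

                // The keystore handle is still open here, so the certificate lands next to its private key.
                crypt.AddPublicKey(caKeyStore, certificate);

                /* First call with a null buffer returns the encoded size, second call fills the buffer */
                var dataSize = crypt.ExportCert(null, 0, crypt.CERTFORMAT_CERTIFICATE, certificate);
                var exportedCert = new byte[dataSize];
                crypt.ExportCert(exportedCert, dataSize, crypt.CERTFORMAT_CERTIFICATE, certificate);
                File.WriteAllBytes(rootCertificateAuthority.CertificateFileName, exportedCert);
            }
            finally
            {
                crypt.DestroyCert(certificate);
            }
        }
        finally
        {
            crypt.KeysetClose(caKeyStore);
        }
    }
    finally
    {
        crypt.DestroyContext(caKeyPair);
    }
}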
/// <summary>
/// Installs the certificate authority: generates the root CA certificate, initializes the
/// certificate store, then generates one certificate per intermediate configuration.
/// </summary>
/// <param name="rootCertificateAuthority">The root certificate authority.</param>
/// <param name="intermediateCertificateAuthorities">The intermediate certificate authorities.</param>
public void Install(
    CertificateAuthorityConfiguration rootCertificateAuthority,
    List<CertificateConfiguration> intermediateCertificateAuthorities)
{
    // The root key and certificate are created before the store and before any intermediate.
    GenerateRootCaCertificate(rootCertificateAuthority);
    InitializeCertificateStore(rootCertificateAuthority);

    // Intermediates are processed in list order.
    foreach (var intermediate in intermediateCertificateAuthorities)
    {
        GenerateIntermediateCertificate(intermediate);
    }
}
/// <summary>
/// Initializes the certificate store: makes sure the backing file exists, then creates the
/// ODBC certificate store through cryptlib and closes it again.
/// </summary>
/// <param name="rootCertificateAuthority">Configuration supplying the store file path and ODBC name.</param>
private void InitializeCertificateStore(CertificateAuthorityConfiguration rootCertificateAuthority)
{
    var storeFilePath = rootCertificateAuthority.CertificateStoreFilePath;
    if (!File.Exists(storeFilePath))
    {
        // Create an empty file and release the handle straight away.
        using (File.Create(storeFilePath))
        {
        }
    }

    // NOTE(review): KEYOPT_CREATE is passed on every call; confirm how cryptlib reacts when the store already exists.
    var storeHandle = crypt.KeysetOpen(
        crypt.UNUSED,
        crypt.KEYSET_ODBC_STORE,
        rootCertificateAuthority.CertificateStoreOdbcName,
        crypt.KEYOPT_CREATE);
    crypt.KeysetClose(storeHandle);
}
/// <summary>
/// Initializes the certificate store: creates the backing file when it is missing, then
/// creates the ODBC certificate store through cryptlib and closes it again.
/// </summary>
/// <param name="configuration">Configuration supplying the store file path and ODBC name.</param>
private void InitializeCertificateStore(CertificateAuthorityConfiguration configuration)
{
    // Don't need this section unless using SQLite
    var storeFilePath = configuration.CertificateStoreFilePath;
    if (!File.Exists(storeFilePath))
    {
        // Create an empty file and release the handle straight away.
        using (File.Create(storeFilePath))
        {
        }
    }

    // NOTE(review): KEYOPT_CREATE is passed on every call; confirm how cryptlib reacts when the store already exists.
    var storeHandle = crypt.KeysetOpen(
        crypt.UNUSED,
        crypt.KEYSET_ODBC_STORE,
        configuration.CertificateStoreOdbcName,
        crypt.KEYOPT_CREATE);
    crypt.KeysetClose(storeHandle);
}
/// <summary>
/// Installs the certificate authority: creates the base directory when it is missing,
/// generates the root CA certificate, initializes the certificate store, then generates
/// one certificate per intermediate configuration.
/// </summary>
/// <param name="rootCertificateAuthority">The root certificate authority.</param>
/// <param name="intermediateCertificateAuthorities">The intermediate certificate authorities.</param>
public void Install(
    CertificateAuthorityConfiguration rootCertificateAuthority,
    List<CertificateConfiguration> intermediateCertificateAuthorities)
{
    // NOTE(review): the directory is created with default permissions; if the keystore file
    // ends up under it, confirm the access control on this path is restricted.
    var baseDirectory = ConfigurationData.BaseDirectory;
    if (!Directory.Exists(baseDirectory))
    {
        Directory.CreateDirectory(baseDirectory);
    }

    // The root key and certificate are created before the store and before any intermediate.
    GenerateRootCaCertificate(rootCertificateAuthority);
    InitializeCertificateStore(rootCertificateAuthority);

    // Intermediates are processed in list order.
    foreach (var intermediate in intermediateCertificateAuthorities)
    {
        GenerateIntermediateCertificate(intermediate);
    }
}
/// <summary>
/// Generates the root CA certificate. In this listing the body is empty: it is a stub
/// showing only the signature.
/// </summary>
/// <param name="configuration">The certificate authority configuration (not read by this stub).</param>
private void GenerateRootCaCertificate(CertificateAuthorityConfiguration configuration) { }
/// <summary>
/// Submits a certificate request to the certificate authority. In this listing the body
/// is empty: it is a stub showing only the signature.
/// </summary>
/// <param name="certificateAuthorityConfiguration">The certificate authority configuration (not read by this stub).</param>
/// <param name="certificateRequestFileName">Presumably the path of the request file to submit; verify once implemented.</param>
public void SubmitCertificateRequest(CertificateAuthorityConfiguration certificateAuthorityConfiguration, string certificateRequestFileName) { }
/// <summary>
/// Issues a certificate from the certificate authority. In this listing the body is
/// empty: it is a stub showing only the signature.
/// </summary>
/// <param name="certificateAuthorityConfiguration">The certificate authority configuration (not read by this stub).</param>
/// <param name="certificateEmailAddress">Presumably identifies the request or subject to issue for; verify once implemented.</param>
/// <param name="certificateFileName">Presumably the path the issued certificate is written to; verify once implemented.</param>
public void IssueCertificate(CertificateAuthorityConfiguration certificateAuthorityConfiguration, string certificateEmailAddress, string certificateFileName) { }