/// <summary>
/// Gets locally registered enrollment policy server endpoints.
/// </summary>
/// <param name="userContext">Specifies whether to retrieve enrollment policy server endpoints for user or machine context.</param>
/// <exception cref="NotSupportedException">The operating system do not support certificate enrollment policy servers.</exception>
/// <returns>An array of registered enrollment policy server endpoints.</returns>
public static PolicyServerClient[] GetPolicyServers(Boolean userContext)
{
if (!CryptographyUtils.TestCepCompat())
{
throw new NotSupportedException();
}
List <PolicyServerClient> policies = new List <PolicyServerClient>();
X509CertificateEnrollmentContext context = userContext
? X509CertificateEnrollmentContext.ContextUser
: X509CertificateEnrollmentContext.ContextMachine;
foreach (PolicyServerUrlFlags flag in new [] { PolicyServerUrlFlags.PsfLocationGroupPolicy, PolicyServerUrlFlags.PsfLocationRegistry })
{
CX509PolicyServerListManager serverManager = new CX509PolicyServerListManager();
try {
serverManager.Initialize(context, flag);
IEnumerator enumerator = serverManager.GetEnumerator();
do
{
if (enumerator.Current != null)
{
policies.Add(new PolicyServerClient((IX509PolicyServerUrl)enumerator.Current, userContext));
}
} while (enumerator.MoveNext());
} finally {
CryptographyUtils.ReleaseCom(serverManager);
}
}
return(policies.ToArray());
}
/// <param name="url">Specifies the certificate enrollment policy server endpoint URL.</param>
/// <param name="userContext">Specifies whether the policy is intended for user or computer context.</param>
/// <param name="authentication">Specifies the authentication type used for the policy server.</param>
/// <param name="userName">
/// Specifies the user name to authenticate in enrollment policy server.
/// <para>If the authentication type is set to <strong>ClientCertificate</strong>, this parameter must contains
/// authentication certificate's thumbprint.</para>
/// <para>This parameter must be omitted when <strong>Kerberos</strong> authentication is used.</para>
/// </param>
/// <param name="password">
/// Specifies the password to authenticate in enrollment policy server.
/// <para>This parameter must be used only when <strong>UserNameAndPassword</strong> authentication
/// method is used. This parameter must be omitted in all other authentication methods.</para>
/// </param>
/// <exception cref="ArgumentNullException">The <strong>url</strong> parameter is null.</exception>
/// <exception cref="NotSupportedException">The operating system do not support certificate enrollment policy servers.</exception>
public PolicyServerClient(String url, Boolean userContext, PolicyAuthenticationEnum authentication, String userName, SecureString password)
{
if (!CryptographyUtils.TestCepCompat())
{
throw new NotSupportedException();
}
if (String.IsNullOrEmpty(url))
{
throw new ArgumentNullException(nameof(url));
}
registered = false;
uName = userName;
uPassword = password;
m_initialize2(url, userContext, authentication, false);
}