public CertificateBuilderService(ILogger <CertificateBuilderService> logger,
IOptions <LetsEncryptOptions> options,
CertificateSelector certificateSelector)
{
_logger = logger;
_options = options.Value;
_certificateSelector = certificateSelector;
}
public CertificateRequestService(ILogger <CertificateRequestService> logger,
IOptions <LetsEncryptOptions> options,
CertificateSelector certificateSelector,
AccountManager accountManager,
IHttpChallengeResponseStore httpChallengeResponseStore)
{
_logger = logger;
_options = options.Value;
_certificateSelector = certificateSelector;
_accountManager = accountManager;
_httpChallengeResponseStore = httpChallengeResponseStore;
}
public static void AddLetsEncrypt(this IServiceCollection services, LetsEncryptOptions options)
{
if (!options.AcceptTermsOfService)
{
throw new Exception("You must accept Let’s Encrypt terms of service");
}
services.Configure <LetsEncryptOptions>(x =>
{
x.EmailAddress = options.EmailAddress;
x.CacheFolder = options.CacheFolder;
x.AccountKey = options.AccountKey;
x.EncryptionPassword = options.EncryptionPassword;
x.DaysBefore = options.DaysBefore;
x.UseStagingServer = options.UseStagingServer;
});
var selector = new CertificateSelector(options);
foreach (var host in options.ConfiguredHosts)
{
var cert = host.FallBackCertificate;
if (host.FallBackCertificate == null && !string.IsNullOrEmpty(options.CacheFolder))
{
var fileName = Path.Combine(options.CacheFolder, host.HostName + ".pfx");
if (File.Exists(fileName))
{
cert = new X509Certificate2(fileName, options.EncryptionPassword);
}
}
selector.Use(host.HostName, cert);
}
ServiceLocator.SetCertificateSelector(selector);
services.AddSingleton <CertificateSelector>(x => selector);
services.AddSingleton <AccountManager>();
services.AddSingleton <HttpChallengeResponseMiddleware>();
services.AddSingleton <IHttpChallengeResponseStore, InMemoryHttpChallengeResponseStore>();
services.AddTransient <IConfigureOptions <KestrelServerOptions>, KestrelOptionsSetup>();
services.AddTransient <CertificateBuilderService>();
services.AddHostedService <CertificateRequestService>();
}
public AccountManager(ILogger <CertificateRequestService> logger, IOptions <LetsEncryptOptions> options)
{
_logger = logger;
_options = options.Value;
if (string.IsNullOrEmpty(options.Value.AccountKey))
{
if (!string.IsNullOrEmpty(options.Value.CacheFolder))
{
_keyFile = Path.Combine(options.Value.CacheFolder, "account");
if (File.Exists(_keyFile))
{
_accountKey = File.ReadAllText(_keyFile);
}
}
}
else
{
_accountKey = options.Value.AccountKey;
}
}
public CertificateSelector(LetsEncryptOptions options)
{
_options = options ?? throw new ArgumentNullException(nameof(options));
}