public static SerializeCert ( |
||
cert | The certificate provided | |
contentType | X509ContentType | Cert content type |
return | string |
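/// <summary>
/// Generates the vault credentials file content.
/// </summary>
/// <param name="cert">management certificate</param>
/// <param name="subscriptionId">subscription Id</param>
/// <param name="vaultCertificateResponse">vault certificate response, forwarded unchanged to GenerateVaultCredsForBackup</param>
/// <returns>xml file in string format</returns>
private string GenerateVaultCreds(X509Certificate2 cert, string subscriptionId, VaultCertificateResponse vaultCertificateResponse)
{
    // The certificate is serialized with X509ContentType.Pfx, the PKCS#12 container format
    // that can carry the private key alongside the certificate.
    // NOTE(review): confirm how CertUtils.SerializeCert protects the export (password or not);
    // the string returned from this method should be handled as secret material.
    var serializedCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx);

    // No try/catch: the previous version caught Exception only to run `throw exception;`,
    // which discards the original stack trace. Letting the failure propagate keeps the same
    // exception type for callers and preserves the trace for diagnosis.
    return GenerateVaultCredsForBackup(serializedCert, subscriptionId, vaultCertificateResponse);
}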
/// <summary>
/// Builds the credentials file content for a backup vault from an ACS namespace.
/// </summary>
/// <param name="cert">management certificate</param>
/// <param name="subscriptionId">subscription Id</param>
/// <param name="acsNamespace">acs namespace</param>
/// <returns>xml file in string format</returns>
private string GenerateVaultCredsForBackup(X509Certificate2 cert, string subscriptionId, AcsNamespace acsNamespace)
{
    using (var buffer = new MemoryStream())
    {
        using (var xml = XmlWriter.Create(buffer, GetXmlWriterSettings()))
        {
            var vaultName = this.Vault.Name;

            // X509ContentType.Pfx is the PKCS#12 format, which can include the private key.
            // NOTE(review): confirm what CertUtils.SerializeCert exports; the serialized
            // value is embedded verbatim in the XML produced below.
            var serializedCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx);

            var creds = new BackupVaultCreds(subscriptionId, vaultName, serializedCert, acsNamespace, GetAgentLinks());

            var contract = new DataContractSerializer(typeof(BackupVaultCreds));
            contract.WriteObject(xml, creds);

            WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.BackupVaultSerialized));
        }

        // The XML writer has been disposed at this point, so the stream is read only
        // after the writer is done with it.
        return Encoding.UTF8.GetString(buffer.ToArray());
    }
}
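/// <summary>
/// Generates vault creds file content for a backup vault using the AAD details carried in
/// the vault certificate response.
/// </summary>
/// <param name="cert">management certificate</param>
/// <param name="subscriptionId">subscription Id</param>
/// <param name="vaultCertificateResponse">vault certificate response; its Properties must be a ResourceCertificateAndAadDetails</param>
/// <returns>xml file in string format</returns>
/// <exception cref="System.InvalidOperationException">
/// The response properties are not a ResourceCertificateAndAadDetails instance.
/// </exception>
private string GenerateVaultCredsForBackup(X509Certificate2 cert, string subscriptionId, VaultCertificateResponse vaultCertificateResponse)
{
    using (var output = new MemoryStream())
    {
        using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
        {
            ResourceCertificateAndAadDetails aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;

            // `as` yields null when Properties is missing or of another type. Fail with an
            // explicit message instead of a NullReferenceException on the first dereference.
            if (aadDetails == null)
            {
                throw new System.InvalidOperationException(
                    "Vault certificate response does not contain ResourceCertificateAndAadDetails properties.");
            }

            RSBackupVaultAADCreds vaultCreds = new RSBackupVaultAADCreds()
            {
                SubscriptionId = subscriptionId,
                ResourceName = Vault.Name,
                // X509ContentType.Pfx is the PKCS#12 format, which can include the private key.
                // NOTE(review): confirm what CertUtils.SerializeCert exports; the value is
                // embedded in the returned XML, which should be handled as secret material.
                ManagementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx),
                // ResourceId is read through .Value, so a missing id throws here.
                ResourceId = aadDetails.ResourceId.Value,
                AadAuthority = aadDetails.AadAuthority,
                AadTenantId = aadDetails.AadTenantId,
                ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
                IdMgmtRestEndpoint = aadDetails.AzureManagementEndpointAudience,
                ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace,
                ResourceGroup = Vault.ResourceGroupName,
                Location = Vault.Location,
                Version = VaultCredentialVersionAad,
                ResourceType = RecoveryServicesVaultType,
                AgentLinks = GetAgentLinks()
            };

            DataContractSerializer serializer = new DataContractSerializer(typeof(RSBackupVaultAADCreds));
            serializer.WriteObject(writer, vaultCreds);

            WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.BackupVaultSerialized));
        }

        // Read the stream only after the writer has been disposed.
        return Encoding.UTF8.GetString(output.ToArray());
    }
}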
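/// <summary>
/// Generates vault creds file content for Site Recovery Vault
/// </summary>
/// <param name="cert">management certificate</param>
/// <param name="subscriptionId">subscription Id</param>
/// <param name="vaultCertificateResponse">vault certificate response; its Properties must be a ResourceCertificateAndAadDetails</param>
/// <param name="asrSite">asrSite Info</param>
/// <returns>xml file in string format</returns>
/// <exception cref="System.InvalidOperationException">
/// The response properties are not a ResourceCertificateAndAadDetails instance.
/// </exception>
private string GenerateVaultCredsForSiteRecovery(X509Certificate2 cert, string subscriptionId, VaultCertificateResponse vaultCertificateResponse, ASRSite asrSite)
{
    using (var output = new MemoryStream())
    {
        using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
        {
            ResourceCertificateAndAadDetails aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;

            // `as` yields null when Properties is missing or of another type. Check before the
            // vault context is updated below, so a bad response no longer changes the context
            // and then fails with a NullReferenceException.
            if (aadDetails == null)
            {
                throw new System.InvalidOperationException(
                    "Vault certificate response does not contain ResourceCertificateAndAadDetails properties.");
            }

            string resourceProviderNamespace = string.Empty;
            string resourceType = string.Empty;
            Utilities.GetResourceProviderNamespaceAndType(this.Vault.ID, out resourceProviderNamespace, out resourceType);

            Logger.Instance.WriteDebug(string.Format(
                "GenerateVaultCredential resourceProviderNamespace = {0}, resourceType = {1}",
                resourceProviderNamespace,
                resourceType));

            // Update vault settings with the working vault to generate file
            Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
            {
                ResourceGroupName = this.Vault.ResourceGroupName,
                ResourceName = this.Vault.Name,
                ResourceNamespace = resourceProviderNamespace,
                ARMResourceType = resourceType
            });

            //Code taken from Ibiza code
            // Note: ResourceId is formatted here as-is, while the details below read it
            // through .Value.
            string aadAudience = string.Format(CultureInfo.InvariantCulture,
                @"https://RecoveryServiceVault/{0}/{1}/{2}",
                Vault.Location,
                Vault.Name,
                aadDetails.ResourceId);

            RSVaultAsrCreds vaultCreds = new RSVaultAsrCreds()
            {
                VaultDetails = new ASRVaultDetails
                {
                    SubscriptionId = subscriptionId,
                    ResourceGroup = this.Vault.ResourceGroupName,
                    ResourceName = this.Vault.Name,
                    ResourceId = aadDetails.ResourceId.Value,
                    Location = Vault.Location,
                    ResourceType = RecoveryServicesVaultType,
                    ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace
                },
                // X509ContentType.Pfx is the PKCS#12 format, which can include the private key.
                // NOTE(review): confirm what CertUtils.SerializeCert exports. Together with the
                // channel integrity key below, the returned XML should be handled as secret
                // material by whoever stores it.
                ManagementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx),
                Version = VaultCredentialVersionAad,
                AadDetails = new ASRVaultAadDetails
                {
                    AadAuthority = aadDetails.AadAuthority,
                    AadTenantId = aadDetails.AadTenantId,
                    ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
                    AadVaultAudience = aadAudience,
                    ArmManagementEndpoint = aadDetails.AzureManagementEndpointAudience
                },
                ChannelIntegrityKey = this.RecoveryServicesClient.GetCurrentVaultChannelIntegrityKey(),
                // A site without an id or name is written out with empty strings.
                SiteId = asrSite.ID ?? String.Empty,
                SiteName = asrSite.Name ?? String.Empty
            };

            DataContractSerializer serializer = new DataContractSerializer(typeof(RSVaultAsrCreds));
            serializer.WriteObject(writer, vaultCreds);
        }

        // Read the stream only after the writer has been disposed.
        return Encoding.UTF8.GetString(output.ToArray());
    }
}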
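/// <summary>
/// Method to execute the command: creates a self-signed certificate for the vault, builds the
/// vault credentials content and writes it to a file, then outputs the file path.
/// </summary>
private void GetSiteRecoveryCredentials()
{
    var subscription = DefaultProfile.DefaultContext.Subscription;

    // Generate certificate
    var cert = CertUtils.CreateSelfSignedCertificate(
        VaultCertificateExpiryInHoursForHRM,
        subscription.Id,
        Vault.Name);

    // The site stays empty unless both the identifier and the friendly name were supplied.
    var site = new ASRSite();
    if (!string.IsNullOrEmpty(SiteIdentifier) && !string.IsNullOrEmpty(SiteFriendlyName))
    {
        site.ID = SiteIdentifier;
        site.Name = SiteFriendlyName;
    }

    var fileName = GenerateFileName();
    var filePath = string.IsNullOrEmpty(Path) ? Utilities.GetDefaultPath() : Path;

    // Generate file.
    // An auth type of 0 takes the ACS path (AuthType.ACS is passed below); any other value
    // takes the path that uploads the certificate first.
    if (RecoveryServicesClient.getVaultAuthType(Vault.ResourceGroupName, Vault.Name) == 0)
    {
        var vaultCreds = RecoveryServicesClient.GenerateVaultCredential(
            cert,
            Vault,
            site,
            AuthType.ACS);

        // write the content to a file.
        var output = new VaultSettingsFilePath
        {
            FilePath = Utilities.WriteToFile(vaultCreds, filePath, fileName)
        };

        // print the path to the user.
        WriteObject(output, true);
    }
    else
    {
        var fullFilePath = System.IO.Path.Combine(filePath, fileName);
        WriteDebug(
            string.Format(
                CultureInfo.InvariantCulture,
                Resources.ExecutingGetVaultCredCmdlet,
                subscription.Id,
                Vault.ResourceGroupName,
                Vault.Name,
                fullFilePath));

        // No try/catch around this sequence: the previous version caught Exception only to
        // run `throw exception;`, which discards the original stack trace. Failures now
        // propagate with the same exception type and the trace intact.

        // Upload cert into ID Mgmt
        WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadingCertToIdmgmt));
        var vaultCertificateResponse = UploadCert(cert);
        WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadedCertToIdmgmt));

        // X509ContentType.Pfx is the PKCS#12 format, which can include the private key.
        // NOTE(review): confirm what CertUtils.SerializeCert exports and whether it is
        // password-protected.
        var managementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx);

        // generate vault credentials
        var vaultCredsFileContent = GenerateVaultCredsForSiteRecovery(
            managementCert,
            subscription.Id,
            vaultCertificateResponse,
            site);

        WriteDebug(string.Format(Resources.SavingVaultCred, fullFilePath));

        // The file content includes the serialized management certificate. Nothing in this
        // method restricts access to the written file.
        // NOTE(review): confirm that DataStore.WriteFile or the target directory applies
        // suitable permissions for credential material.
        AzureSession.Instance.DataStore.WriteFile(fullFilePath, Encoding.UTF8.GetBytes(vaultCredsFileContent));

        var output = new VaultSettingsFilePath
        {
            FilePath = fullFilePath,
        };

        // Output filename back to user
        WriteObject(output, true);
    }
}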