public void CheckIfCertificateIsprivate(TEntity item, string certificateName, IntegrationAccountDetails iaDetails)
{
try
{
string filepath = FileOperations.GetCertificateJsonFilePath(certificateName);
string content = File.ReadAllText(filepath);
var certificate = JsonConvert.DeserializeObject <JsonCertificate.Rootobject>(content);
if (certificate.properties.key != null)
{
string keyvaultname = iaDetails.KeyVaultName;
if (string.IsNullOrEmpty(keyvaultname))
{
throw new Exception("Couldn't find the name of the Key Vault to upload the Private key for the Private Certificate. Make sure you selected a Key Vault at the Integration Account Details Screen");
}
string certName = FileOperations.GetFileName(certificateName);
string keyvaultfilepath = FileOperations.GetKeyVaultJsonFilePath(certName + "Privatekey");
IntegrationAccountContext sclient = new IntegrationAccountContext();
AuthenticationResult authresult = thisApplicationContext.GetProperty("KeyVaultAuthorization") as AuthenticationResult;
string kid = sclient.UploadCertificatePrivateKeyToKeyVault(StringOperations.RemoveAllSpecialCharacters(certName) + "Privatekey", keyvaultname, keyvaultfilepath, authresult);
certificate.properties.key.keyName = StringOperations.RemoveAllSpecialCharacters(certName) + "Privatekey";
certificate.properties.key.keyVersion = kid;
certificate.properties.key.keyVault.id = string.Format(ConfigurationManager.AppSettings["KeyVaultResourceIdTemplate"], iaDetails.SubscriptionId, iaDetails.ResourceGroupName, keyvaultname);
//certificate.properties.key.keyVault.name = certName + "Privatekey";
string fileName = FileOperations.GetCertificateJsonFilePath(certName);
string partnerJsonFileContent = JsonConvert.SerializeObject(certificate);
File.WriteAllText(fileName, partnerJsonFileContent);
}
}
catch (Exception ex)
{
SetStatus(item, MigrationStatus.Failed, string.Format("Certificate Migration Failed. Reason:{0}", ExceptionHelper.GetExceptionMessage(ex)));
TraceProvider.WriteLine(string.Format("Certificate Migration Failed. Reason:{0}", ExceptionHelper.GetExceptionMessage(ex)));
TraceProvider.WriteLine();
throw ex;
}
}
public void CreateCertificates(string certName, string certThumbprint)
{
try
{
X509Certificate2 partnerCert;
string partnerCertBase64String;
bool certFound = false;
X509Certificate2Collection collection = new X509Certificate2Collection();
//BiztalkServerDetails BizTalkServerDetails = this.thisApplicationContext.GetService<BiztalkServerDetails>();
//string serverName = BizTalkServerDetails.RemoteServerName;
//if (BizTalkServerDetails.UseDifferentAccount)
//{
// string domain = BizTalkServerDetails.RemoteDomainName;
// string username = BizTalkServerDetails.RemoteUserName;
// string password = BizTalkServerDetails.RemoteUserPassword;
// using (UserImpersonation user = new UserImpersonation(username, domain, password))
// {
// if (user.ImpersonateValidUser())
// {
//collection = GetCertificate(certThumbprint, serverName);
//if (collection.Count == 0)
//{
// certFound = false;
//}
//else
//{
// certFound = true;
//}
//}
//else
//{
// throw new Exception(string.Format(@"Failed to read Certificates from the Server {0}\{1}. Invalid Credentails used to read Certificates.", domain, username));
//}
// }
// }
//else
//{
string serverName = System.Environment.MachineName;
collection = GetCertificate(certThumbprint, serverName);
if (collection.Count == 0)
{
certFound = false;
}
else
{
certFound = true;
}
// }
if (certFound)
{
partnerCert = collection[0];
partnerCertBase64String = Convert.ToBase64String(partnerCert.GetRawCertData());
JsonCertificate.Rootobject certificateRootObject = new JsonCertificate.Rootobject()
{
name = FileOperations.GetFileName(certName),
properties = new JsonCertificate.Properties()
{
publicCertificate = partnerCertBase64String,
metadata = GenerateMetadata(certName)
}
};
if (partnerCert.HasPrivateKey)
{
//CHECK IF IT's EXPORTABLE, and ensure you write traces
certificateRootObject.properties.key = new JsonCertificate.Key()
{
keyName = "<KeyNameHere>",
keyVersion = "<KeyVersionHere>",
keyVault = new JsonCertificate.KeyVault()
{
id = "<ResourceUriHere>"
}
};
//TODO: Create KeyVault Secret JSON.
string keyvaultjson = this.GetKeyVaultSecretJsonForPrivateKey(partnerCert);
string keyvaultfilename = FileOperations.GetKeyVaultJsonFilePath(certName + "Privatekey");
FileOperations.CreateFolder(keyvaultfilename);
System.IO.File.WriteAllText(keyvaultfilename, keyvaultjson);
}
string fileName = FileOperations.GetCertificateJsonFilePath(certName);
string partnerJsonFileContent = Newtonsoft.Json.JsonConvert.SerializeObject(certificateRootObject);
FileOperations.CreateFolder(fileName);
System.IO.File.WriteAllText(fileName, partnerJsonFileContent);
TraceProvider.WriteLine(string.Format("Certificate {0} for partner has been succesfully exported to Json with Name {1}", certName, FileOperations.GetFileName(certName)));
}
else
{
TraceProvider.WriteLine(string.Format("Certificate Export to Json Failed. Reason : Certificate {0} Not Found in LocalCertificate store in Server {1}", certName, serverName));
throw new Exception(string.Format("Certificate {0} Not Found in LocalCertificate store in Server {1}", certName, serverName));
}
}
catch (Exception ex)
{
throw ex;
}
}