From 3c7b4142dfef98f4850e55d45c5b00a94524102e Mon Sep 17 00:00:00 2001
From: leefine02
Date: Fri, 23 Aug 2024 20:17:42 +0000
Subject: [PATCH] ab#61881
---
 .../CitrixAdcStore.cs | 67 +++++++++----------
 .../Management.cs | 7 +-
 2 files changed, 37 insertions(+), 37 deletions(-)
diff --git a/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs b/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs
index b57430a..23101e6 100644
--- a/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs
+++ b/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs
@@ -289,7 +289,7 @@ public string FindKeyPairByCertPath(string certPath)
 }
 }
- public string UpdateKeyPair(string keyPairName, string certFileName, string keyFileName)
+ public void UpdateKeyPair(string keyPairName, string certFileName, string keyFileName)
 {
 Logger.MethodEntry(LogLevel.Debug);
@@ -315,8 +315,7 @@ public string UpdateKeyPair(string keyPairName, string certFileName, string keyF
 if (count > 0)
 {
 Logger.LogTrace($"Updating certificate-key pair with name {keyPairName}");
- var _ = sslcertkey.change(_nss, certKeyObject);
- var unused = sslcertkey.update(_nss, certKeyObject);
+ sslcertkey.update(_nss, certKeyObject);
 }
 else
 {
@@ -384,50 +383,45 @@ private string GenerateKeyPairName(string alias)
 return alias;
 }
- public void UpdateBindings(string keyPairName, string virtualServerName, string sniCert)
+ public void UpdateBindings(string keyPairName, List virtualServerNames, string sniCert)
 {
 Logger.MethodEntry(LogLevel.Debug);
 try
 {
 var sniArray = sniCert.Split(',');
+ var i = 0;
- if (!string.IsNullOrWhiteSpace(virtualServerName))
+ foreach (var vsName in virtualServerNames)
 {
- var i = 0;
- foreach (var vsName in virtualServerName.Split(","))
+ var sniBool = false;
+ if (!string.IsNullOrEmpty(sniCert) &&
+ (sniArray[i].ToUpper() == "TRUE" || sniArray[i].ToUpper() == "FALSE"))
+ sniBool = Convert.ToBoolean(sniArray[i]);
+
+ Logger.LogTrace($"Updating binding for {vsName}");
+ var ssb = new sslvserver_sslcertkey_binding
 {
- var sniBool = false;
- if (!string.IsNullOrEmpty(sniCert) &&
- (sniArray[i].ToUpper() == "TRUE" || sniArray[i].ToUpper() == "FALSE"))
- sniBool = Convert.ToBoolean(sniArray[i]);
-
- Logger.LogTrace($"Updating bindings for {virtualServerName}");
- //bind key-pair to vserver
- var ssb = new sslvserver_sslcertkey_binding
- {
- certkeyname = keyPairName,
- vservername = vsName,
- snicert = sniBool
- };
- Logger.LogTrace($"Adding binding {keyPairName} for virtual server {virtualServerName}");
-
- //Citrix Requires you do delete first when SNI with same domain or you will get a duplicate domain error
- var filters = new filtervalue[1];
- filters[0] = new filtervalue("certKeyName", keyPairName);
- if (sniBool && sslvserver_sslcertkey_binding.count_filtered(_nss, vsName, filters) > 0)
- sslvserver_sslcertkey_binding.delete(_nss, ssb);
- sslvserver_sslcertkey_binding.add(_nss, ssb);
-
- i++;
- Logger.LogDebug("Exit UpdateBindings(string keyPairName, string virtualServerName)");
- }
+ certkeyname = keyPairName,
+ vservername = vsName,
+ snicert = sniBool
+ };
+ Logger.LogTrace($"Adding binding {keyPairName} for virtual server {vsName}");
+
+ //Citrix Requires you do delete
first when SNI with same domain or you will get a duplicate domain error
+ var filters = new filtervalue[1];
+ filters[0] = new filtervalue("certKeyName", keyPairName);
+ if (sniBool && sslvserver_sslcertkey_binding.count_filtered(_nss, vsName, filters) > 0)
+ sslvserver_sslcertkey_binding.delete(_nss, ssb);
+ sslvserver_sslcertkey_binding.add(_nss, ssb);
+
+ i++;
 }
 }
 catch (Exception e)
 {
 Logger.LogError(
- $"Error Occurred in UpdateBindings(string keyPairName, string virtualServerName): {LogHandler.FlattenException(e)}");
+ $"Error Occurred in UpdateBindings: {LogHandler.FlattenException(e)}");
 throw;
 }
 finally
@@ -647,9 +641,10 @@ private systemfile GetSystemFile(string fileName)
 public (systemfile pemFile, systemfile privateKeyFile) UploadCertificate(string contents, string pwd, string alias, bool overwrite)
 {
+ Logger.MethodEntry(LogLevel.Debug);
+
 try
 {
- Logger.LogDebug("Entering UploadCertificate() Method...");
 var (pemFile, privateKeyFile) = GetPem(contents, pwd, alias);
 Logger.LogTrace("Starting UploadFile(pemFile,overwrite) call");
@@ -674,6 +669,10 @@ private systemfile GetSystemFile(string fileName)
 Logger.LogError($"Error in UploadCertificate(): {LogHandler.FlattenException(e)}");
 throw;
 }
+ finally
+ {
+ Logger.MethodExit(LogLevel.Debug);
+ }
 }
 private void UploadFile(systemfile f, bool overwrite)
diff --git a/CitrixAdcOrchestratorJobExtension/Management.cs b/CitrixAdcOrchestratorJobExtension/Management.cs
index 1bf5ccf..3fe3c91 100644
--- a/CitrixAdcOrchestratorJobExtension/Management.cs
+++ b/CitrixAdcOrchestratorJobExtension/Management.cs
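Review bot: In the new `UpdateBindings` loop, `sniArray[i]` is indexed by the position in `virtualServerNames` with no bounds check, so a job that supplies fewer SNI flags than virtual servers throws `IndexOutOfRangeException` part-way through, after earlier servers have already had their binding deleted and re-added. `sniCert.Split(',')` also runs before the `string.IsNullOrEmpty(sniCert)` test, so a null `sniCert` fails before that test can help, and the new signature drops the old null/whitespace guard on the server list. I would parse defensively with `var sniArray = (sniCert ?? string.Empty).Split(',');` and `var sniBool = i < sniArray.Length && bool.TryParse(sniArray[i], out var parsed) && parsed;`, or reject a count mismatch before the first binding is touched. The method's `finally` block continues outside the hunk.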
@@ -186,12 +186,13 @@ private void PerformAdd(CitrixAdcStore store, ManagementJobCertificate cert,
 _logger.MethodEntry(LogLevel.Debug);
 _logger.LogDebug("Updating keyPair");
- keyPairName = store.UpdateKeyPair(cert.Alias, pemFile, privateKeyFile);
+ var (pemFile, privateKeyFile) = store.UploadCertificate(cert.Contents, cert.PrivateKeyPassword, cert.Alias, overwrite);
+ store.UpdateKeyPair(cert.Alias, pemFile.filename, privateKeyFile.filename);
 _logger.LogDebug("Updating cert bindings"); //update cert bindings
- if (virtualServerName != null)
- store.UpdateBindings(keyPairName, virtualServerName, sniCert);
+ if (virtualServerNames.Count > 0)
+ store.UpdateBindings(cert.Alias, virtualServerNames, sniCert);
 if (linkToIssuer)
 {
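Review bot: `virtualServerNames.Count > 0` dereferences the list where the old code tested `virtualServerName != null`, so if the list can be null here the job now throws after the certificate and private key have been uploaded and the key pair updated, leaving the new pair unbound. `if (virtualServerNames?.Count > 0)` keeps the old tolerance unless the list is guaranteed non-null where it is built, which is outside this hunk. The bindings are also keyed on `cert.Alias` now instead of the name `UpdateKeyPair` used to return, which is only safe if that method never adjusts the pair name; its body is not fully visible here. `PerformAdd` starts and ends outside the hunk.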