
Commit 1168c37

CLI: cleanup project, remove parts of diagnostics to trim dependencies
1 parent 503c987 commit 1168c37


2 files changed

+12
-180
lines changed


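--- a/src/Certify.CLI/Certify.CLI.csproj
+++ b/src/Certify.CLI/Certify.CLI.csproj
@@ -1,14 +1,14 @@
 <Project Sdk="Microsoft.NET.Sdk">
 <PropertyGroup>
-<TargetFrameworks>net462;net9.0</TargetFrameworks>
-<Configurations>Debug;Release;Debug;Release</Configurations>
+<TargetFrameworks>net9.0;</TargetFrameworks>
+<Configurations>Debug;Release;</Configurations>
 <AssemblyName>Certify</AssemblyName>
 <OutputType>Exe</OutputType>
 <Platforms>AnyCPU</Platforms>
 <LangVersion>latest</LangVersion>
 </PropertyGroup>
-<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-<PlatformTarget>AnyCPU</PlatformTarget>
+<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug' ">
+
 <Optimize>false</Optimize>
 <OutputPath>bin\Debug\</OutputPath>
 <DefineConstants>DEBUG;TRACE</DefineConstants>
@@ -17,14 +17,15 @@
 <CodeAnalysisRuleSet>..\CodeAnalysis.ruleset</CodeAnalysisRuleSet>
 <Prefer32Bit>false</Prefer32Bit>
 </PropertyGroup>
-<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-<PlatformTarget>AnyCPU</PlatformTarget>
+<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release' ">
+
 <Optimize>true</Optimize>
 <OutputPath>bin\Release\</OutputPath>
 <DefineConstants>TRACE</DefineConstants>
 <ErrorReport>prompt</ErrorReport>
 <WarningLevel>4</WarningLevel>
 <Prefer32Bit>false</Prefer32Bit>
+
 </PropertyGroup>
 <PropertyGroup>
 <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -33,12 +34,7 @@
 <OutputType>Exe</OutputType>
 <RootNamespace>Certify.CLI</RootNamespace>
 <AssemblyName>Certify</AssemblyName>
-<TargetFrameworkVersion>v4.6.2</TargetFrameworkVersion>
-<FileAlignment>512</FileAlignment>
 <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
-<TargetFrameworkProfile />
-<NuGetPackageImportStamp />
-<RestoreProjectStyle>PackageReference</RestoreProjectStyle>
 <ApplicationManifest>app.manifest</ApplicationManifest>
 <StartupObject>Certify.CLI.Program</StartupObject>
 </PropertyGroup>
@@ -51,18 +47,12 @@
 </ItemGroup>
 <ItemGroup>
 <ProjectReference Include="..\Certify.Client\Certify.Client.csproj" />
-<ProjectReference Include="..\Certify.Core\Certify.Core.csproj" />
 <ProjectReference Include="..\Certify.Locales\Certify.Locales.csproj" />
 <ProjectReference Include="..\Certify.Models\Certify.Models.csproj" />
-<ProjectReference Include="..\Certify.Shared\Certify.Shared.Core.csproj" />
 </ItemGroup>
 
 <ItemGroup>
 <None Include="App.config" />
 <None Include="app.manifest" />
 </ItemGroup>
-
-<ItemGroup>
-<PackageReference Include="System.Security.Cryptography.Cng" Version="5.0.0" />
-</ItemGroup>
 </Project>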
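Review bot: The rewritten conditions `'$(Configuration)|$(Platform)' == 'Debug'` and `'$(Configuration)|$(Platform)' == 'Release'` look like they can no longer match, because the left side still expands to a `Configuration|Platform` pair (the project keeps `<Platforms>AnyCPU</Platforms>`) while the right side now names only the configuration. If so, everything inside those two groups is silently skipped, which appears to include `CodeAnalysisRuleSet` in the Debug group as well as `Optimize`, `DefineConstants` and `WarningLevel`. Comparing the configuration alone keeps the groups active: `<PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">` and the same with `'Release'`. Lines 15-16 of the file are outside the hunks, so the placement of `CodeAnalysisRuleSet` inside the Debug group is inferred.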

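--- a/src/Certify.CLI/CertifyCLI.RunCertDiagnostics.cs
+++ b/src/Certify.CLI/CertifyCLI.RunCertDiagnostics.cs
@@ -2,11 +2,8 @@
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
-using System.Runtime.InteropServices;
 using System.Threading.Tasks;
-using Certify.Management;
 using Certify.Models;
-using Microsoft.Extensions.Logging;
 
 namespace Certify.CLI
 {
@@ -19,6 +16,7 @@ public partial class CertifyCLI
 /// <param name="forceAutoDeploy">Change all deployment modes to Auto</param>
 public async Task RunCertDiagnostics(bool autoFix = false, bool forceAutoDeploy = false, bool includeOcspCheck = true)
 {
+// TODO: this should all move to the core service and be called via the client API
 static string stripNonNumericFromString(string input)
 {
 return new string(input.Where(c => char.IsDigit(c)).ToArray());
@@ -61,7 +59,6 @@ static bool isNumeric(string input)
 Console.WriteLine("Running cert diagnostics..");
 
 var countSiteIdsFixed = 0;
-var countBindingRedeployments = 0;
 var totalTime = Stopwatch.StartNew();
 var itemTiming = Stopwatch.StartNew();
 
@@ -70,21 +67,12 @@ static bool isNumeric(string input)
 
 itemTiming.Restart();
 
-var redeployRequired = false;
-
-if (autoFix)
-{
-redeployRequired = true;
-}
-
 if ((site.GroupId != site.ServerSiteId) || !isNumeric(site.ServerSiteId))
 {
 Console.ForegroundColor = ConsoleColor.Red;
 Console.WriteLine("\t WARNING: managed cert has invalid ServerSiteID: " + site.Name);
 Console.ForegroundColor = ConsoleColor.White;
 
-redeployRequired = true;
-
 if (autoFix)
 {
 
@@ -93,128 +81,23 @@ static bool isNumeric(string input)
 //update managed site
 Console.WriteLine("\t Auto fixing managed cert ServerSiteID: " + site.Name);
 
-var update = await _certifyClient.UpdateManagedCertificate(site);
+await _certifyClient.UpdateManagedCertificate(site);
 
 countSiteIdsFixed++;
 }
 }
 
 if (autoFix && forceAutoDeploy)
 {
-redeployRequired = true;
-
 if (site.RequestConfig.DeploymentSiteOption != DeploymentOption.Auto && site.RequestConfig.DeploymentSiteOption != DeploymentOption.AllSites)
 {
 Console.WriteLine("\t Auto fixing managed cert deployment mode: " + site.Name);
 site.RequestConfig.DeploymentSiteOption = DeploymentOption.Auto;
 
-var update = await _certifyClient.UpdateManagedCertificate(site);
+await _certifyClient.UpdateManagedCertificate(site);
 }
 }
 
-#if !NET9_0_OR_GREATER
-if (!string.IsNullOrEmpty(site.CertificatePath) && System.IO.File.Exists(site.CertificatePath))
-{
-Console.WriteLine($"{site.Name}");
-var fileCert = CertificateManager.LoadCertificate(site.CertificatePath);
-
-if (fileCert != null)
-{
-try
-{
-var storedCert = CertificateManager.GetCertificateByThumbprint(site.CertificateThumbprintHash);
-if (storedCert != null)
-{
-// cert in store, check permissions
-Console.WriteLine($"Stored cert :: " + storedCert.FriendlyName);
-Console.WriteLine($"Signature Algorithm :: " + storedCert.SignatureAlgorithm.FriendlyName);
-
-if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
-{
-var access = CertificateManager.GetUserAccessInfoForCertificatePrivateKey(storedCert);
-foreach (System.Security.AccessControl.AuthorizationRule a in access.GetAccessRules(true, false, typeof(System.Security.Principal.NTAccount)))
-{
-Console.WriteLine("\t Access: " + a.IdentityReference.Value.ToString());
-}
-}
-
-}
-
-if (includeOcspCheck)
-{
-var chainResults = CertificateManager.CheckCertChain(fileCert);
-
-foreach (var result in chainResults)
-{
-Console.WriteLine($"\t Cert Ocsp Status Check: {fileCert.Subject} " + result);
-}
-
-var ocspCheck = await CertificateManager.CheckOcspRevokedStatus(site.CertificatePath, "");
-Console.ForegroundColor = ConsoleColor.White;
-
-if (ocspCheck == Models.Certify.Models.CertificateStatusType.Revoked || ocspCheck == Models.Certify.Models.CertificateStatusType.Expired)
-{
-Console.ForegroundColor = ConsoleColor.Red;
-Console.WriteLine($"\t Ocsp Status Check: {fileCert.Subject} " + ocspCheck);
-Console.ForegroundColor = ConsoleColor.White;
-}
-else
-{
-Console.WriteLine($"\t Ocsp Status Check: {fileCert.Subject} " + ocspCheck);
-}
-}
-
-// re-deploy certificate if possible
-if (redeployRequired && autoFix)
-{
-
-//re-apply current certificate file to store and bindings
-if (!string.IsNullOrEmpty(site.CertificateThumbprintHash))
-{
-var result = await _certifyClient.ReapplyCertificateBindings(site.Id, false, false);
-
-countBindingRedeployments++;
-
-if (!result.IsSuccess)
-{
-Console.ForegroundColor = ConsoleColor.Red;
-Console.WriteLine("\t Error: Failed to re-applying certificate bindings:" + site.Name);
-Console.ForegroundColor = ConsoleColor.White;
-}
-else
-{
-Console.ForegroundColor = ConsoleColor.Green;
-Console.WriteLine("\t Info: re-applied certificate bindings:" + site.Name);
-Console.ForegroundColor = ConsoleColor.White;
-}
-
-System.Threading.Thread.Sleep(500);
-}
-else
-{
-
-Console.ForegroundColor = ConsoleColor.DarkYellow;
-Console.WriteLine($"Warning: {site.Name} :: No certificate information, bindings cannot be redeployed");
-Console.ForegroundColor = ConsoleColor.White;
-
-}
-}
-}
-catch (Exception exp)
-{
-Console.WriteLine(exp.ToString());
-}
-}
-else
-{
-//Console.WriteLine($"{site.Name} certificate file does not exist: {site.CertificatePath}");
-if (redeployRequired)
-{
-Console.WriteLine($"{site.Name} has no current certificate and requires manual verification/redeploy of cert.");
-}
-}
-}
-#endif
 Debug.WriteLine($"Item update took {itemTiming.Elapsed.TotalSeconds}s");
 }
 
@@ -273,50 +156,9 @@ public async Task FindPendingAuthorizations(bool autoFix)
 System.Console.WriteLine(url);
 }
 
-if (autoFix)
-{
-System.Console.WriteLine("Auto fixing:");
-
-// TODO: move this into certify manager and use client to call into service, removing dependency on certify core lib
-var c = new CertifyManager();
-await c.Init();
-
-var logger = new Loggy(LoggerFactory.Create(builder => builder.AddDebug()).CreateLogger<CertifyCLI>());
-
-foreach (var url in orderUrls)
-{
-
-System.Console.WriteLine("Checking Pending Challenges for " + url);
-
-var dummyManagedCert = (new ManagedCertificate { CurrentOrderUri = url, UseStagingMode = false });
-// get
-var caAccount = await c.GetAccountDetails(dummyManagedCert);
-var acmeClient = await c.GetACMEProvider(dummyManagedCert, caAccount);
-
-var pendingOrder = await acmeClient.BeginCertificateOrder(logger, dummyManagedCert, resumeExistingOrder: true);
-
-foreach (var auth in pendingOrder.Authorizations)
-{
-try
-{
-if (!auth.IsFailure && !auth.IsValidated)
-{
-System.Console.WriteLine("Submitting challenge for validation " + auth.Identifier);
-auth.AttemptedChallenge = auth.Challenges.FirstOrDefault(c => c.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_HTTP || c.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_DNS);
-await acmeClient.SubmitChallenge(logger, auth.AttemptedChallenge.ChallengeType, auth);
-}
-}
-catch (Exception)
-{
-System.Console.WriteLine("Failed to complete pending authz for " + url);
-
-}
-
-await Task.Delay(250);
-}
-}
-}
+await Task.CompletedTask;
 }
+
 public async Task RunCertMaintenanceTasks(string[] args)
 {
 System.Console.WriteLine("Performing managed certificate maintenance tasks..");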
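Review bot: `FindPendingAuthorizations(bool autoFix)` now ends in `await Task.CompletedTask;`, so the `autoFix` argument is accepted and silently ignored; an operator who passes the auto-fix option sees the pending order URLs and nothing tells them that no challenge was submitted. Until the logic moves to the service, say so explicitly, e.g. `if (autoFix) { System.Console.WriteLine("Auto fix of pending authorizations is not available in this build."); }`. The same applies to `includeOcspCheck` in `RunCertDiagnostics`: it still defaults to `true`, but the chain, OCSP and private-key access checks are removed, so a `<param name="includeOcspCheck">` comment should state that the value is currently ignored and that diagnostics no longer report revocation status. Both method bodies start outside the hunks shown.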
