diff options
| author | Wouter Tinus <win.acme.simple@gmail.com> | 2020-03-19 07:07:35 +0100 |
|---|---|---|
| committer | Wouter Tinus <win.acme.simple@gmail.com> | 2020-03-19 07:07:35 +0100 |
| commit | a76c5951817cb982e4fcc910bd707f5aa5bae7a3 (patch) | |
| tree | a60509f67486f6cdf467445101639671228d4c20 /src | |
| parent | 4babcdc36ec8aa6b492b7a38b97a2b8ff00b1f0d (diff) | |
| download | letsencrypt-win-simple-a76c5951817cb982e4fcc910bd707f5aa5bae7a3.zip letsencrypt-win-simple-a76c5951817cb982e4fcc910bd707f5aa5bae7a3.tar.gz letsencrypt-win-simple-a76c5951817cb982e4fcc910bd707f5aa5bae7a3.tar.bz2 | |
Fix #1445
Diffstat (limited to 'src')
| -rw-r--r-- | src/main.lib/Clients/IIS/IISClient.cs | 73 |
1 files changed, 52 insertions, 21 deletions
diff --git a/src/main.lib/Clients/IIS/IISClient.cs b/src/main.lib/Clients/IIS/IISClient.cs index 3171531..a0b82ee 100644 --- a/src/main.lib/Clients/IIS/IISClient.cs +++ b/src/main.lib/Clients/IIS/IISClient.cs @@ -267,38 +267,48 @@ namespace PKISharp.WACS.Clients.IIS var newThumbprint = newCertificate?.Certificate?.Thumbprint; var newStore = newCertificate?.StoreInfo[typeof(CertificateStore)].Path; var updated = 0; + + if (ServerManager == null) + { + return; + } + + var sslElement = ServerManager.SiteDefaults. + GetChildElement("ftpServer"). + GetChildElement("security"). + GetChildElement("ssl"); + if (RequireUpdate(sslElement, 0, FtpSiteId, oldThumbprint, newThumbprint, newStore)) + { + sslElement.SetAttributeValue("serverCertHash", newThumbprint); + sslElement.SetAttributeValue("serverCertStoreName", newStore); + _log.Information(LogType.All, "Updating default ftp site setting"); + updated += 1; + } + else + { + _log.Debug("No update needed for default ftp site settings"); + } + foreach (var ftpSite in ftpSites) { - var sslElement = ftpSite.Site.GetChildElement("ftpServer"). + sslElement = ftpSite.Site. + GetChildElement("ftpServer"). GetChildElement("security"). GetChildElement("ssl"); - var currentThumbprint = sslElement.GetAttributeValue("serverCertHash").ToString(); - var currentStore = sslElement.GetAttributeValue("serverCertStoreName").ToString(); - var update = false; - if (ftpSite.Site.Id == FtpSiteId) - { - update = - !string.Equals(currentThumbprint, newThumbprint, StringComparison.CurrentCultureIgnoreCase) || - !string.Equals(currentStore, newStore, StringComparison.CurrentCultureIgnoreCase); - if (!update) - { - _log.Information(LogType.All, "No updated need for ftp site {name}", ftpSite.Site.Name); - } - } - else - { - update = string.Equals(currentThumbprint, oldThumbprint, StringComparison.CurrentCultureIgnoreCase); - } - - if (update) + if (RequireUpdate(sslElement, ftpSite.Id, FtpSiteId, oldThumbprint, newThumbprint, newStore)) { sslElement.SetAttributeValue("serverCertHash", newThumbprint); sslElement.SetAttributeValue("serverCertStoreName", newStore); - _log.Information(LogType.All, "Updating existing ftp site {name}", ftpSite.Site.Name); + _log.Information(LogType.All, "Updating ftp site {name}", ftpSite.Site.Name); updated += 1; } + else + { + _log.Debug("No update needed for ftp site {name}", ftpSite.Site.Name); + } } + if (updated > 0) { _log.Information("Committing {count} {type} site changes to IIS", updated, "ftp"); @@ -306,6 +316,27 @@ namespace PKISharp.WACS.Clients.IIS } } + private bool RequireUpdate(ConfigurationElement element, + long currentSiteId, long installSiteId, + string? oldThumbprint, string? newThumbprint, + string? newStore) + { + var currentThumbprint = element.GetAttributeValue("serverCertHash").ToString(); + var currentStore = element.GetAttributeValue("serverCertStoreName").ToString(); + bool update; + if (currentSiteId == installSiteId) + { + update = + !string.Equals(currentThumbprint, newThumbprint, StringComparison.CurrentCultureIgnoreCase) || + !string.Equals(currentStore, newStore, StringComparison.CurrentCultureIgnoreCase); + } + else + { + update = string.Equals(currentThumbprint, oldThumbprint, StringComparison.CurrentCultureIgnoreCase); + } + return update; + } + #endregion /// <summary> |