Opc.Ua.Configuration.ApplicationInstance.CreateApplicationInstanceCertificate C# (CSharp) Method

CreateApplicationInstanceCertificate() private static method

Creates a new application instance certificate for the given configuration, deleting any existing one first, adding the new certificate to the application's trusted store and refreshing the certificate validator.
private static CreateApplicationInstanceCertificate ( ApplicationConfiguration configuration, ushort keySize, ushort lifetimeInMonths ) : X509Certificate2
configuration ApplicationConfiguration The configuration.
keySize ushort Size of the key, passed straight through to CertificateFactory.CreateCertificate without validation (callers are responsible for choosing a size acceptable to the OPC UA security profiles in use).
lifetimeInMonths ushort The lifetime in months.
return System.Security.Cryptography.X509Certificates.X509Certificate2 — the newly created certificate, reloaded from the configured store together with its private key.
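        /// <summary>
        /// Creates a new application instance certificate for <paramref name="configuration"/>,
        /// replacing whatever certificate is currently configured.
        /// </summary>
        /// <remarks>
        /// The inputs are resolved and the store directory is prepared BEFORE the existing
        /// certificate is deleted, so a failure in those steps leaves the current certificate in
        /// place. After creation the certificate is assigned to the configured
        /// <see cref="CertificateIdentifier"/>, added to the application's trusted store and the
        /// certificate validator is refreshed.
        /// </remarks>
        /// <param name="configuration">The application configuration; supplies the certificate
        /// identifier, application URI/name and the server domain names.</param>
        /// <param name="keySize">Key size handed to CertificateFactory.CreateCertificate. It is not
        /// validated here; OPC UA security profiles generally expect at least 2048-bit RSA keys,
        /// so callers must not pass a weaker size.</param>
        /// <param name="lifetimeInMonths">Validity period in months, passed through unvalidated.</param>
        /// <returns>The new certificate reloaded from the configured store, including its private key.</returns>
        private static X509Certificate2 CreateApplicationInstanceCertificate(
            ApplicationConfiguration configuration, 
            ushort keySize, 
            ushort lifetimeInMonths)
        {
            Utils.Trace(Utils.TraceMasks.Information, "Creating application instance certificate. KeySize={0}, Lifetime={1}", keySize, lifetimeInMonths);

            CertificateIdentifier id = configuration.SecurityConfiguration.ApplicationCertificate;

            // Resolve the domain names from the configuration, falling back to the local host
            // name when none are configured. Work on a private copy so the fallback never mutates
            // (or fails on) a read-only list handed out by the configuration.
            List<string> serverDomainNames = new List<string>(configuration.GetServerDomainNames());

            if (serverDomainNames.Count == 0)
            {
                serverDomainNames.Add(System.Net.Dns.GetHostName());
            }

            // Ensure the directory-backed store exists before the current certificate is touched.
            if (id.StoreType == CertificateStoreType.Directory)
            {
                Utils.GetAbsoluteDirectoryPath(id.StorePath, true, true, true);
            }

            // Only now remove the existing certificate: every step that could fail without
            // producing a replacement has already run.
            DeleteApplicationInstanceCertificate(configuration);

            X509Certificate2 certificate = Opc.Ua.CertificateFactory.CreateCertificate(
                id.StoreType,
                id.StorePath,
                configuration.ApplicationUri,
                configuration.ApplicationName,
                null,
                serverDomainNames,
                keySize,
                lifetimeInMonths);

            id.Certificate = certificate;

            // The application's own certificate is also placed in its trusted store.
            AddToTrustedStore(configuration, certificate);

            // NOTE(review): an earlier, since removed, variant restricted the private key file to
            // the NetworkService/LocalService/LocalSystem identities via store.SetAccessRules.
            // No access rules are applied now, so a directory-store private key inherits the
            // permissions of id.StorePath; deployments must lock that directory down themselves.

            configuration.CertificateValidator.Update(configuration.SecurityConfiguration);

            Utils.Trace(Utils.TraceMasks.Information, "Certificate created. Thumbprint={0}", certificate.Thumbprint);

            // Reload from the store so the returned instance is the persisted one, with its
            // private key. The null argument is presumably a key password, i.e. the key is
            // stored without password protection -- confirm against LoadPrivateKey.
            return configuration.SecurityConfiguration.ApplicationCertificate.LoadPrivateKey(null);
        }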