chillcog/SPT-Server-Build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix needing to Restart after cert gen, to be moved away from pfx eventually

Browse Source
This commit is contained in:
CWX
2025-04-08 19:10:37 +01:00
parent 1fa7e59855
commit 63bf5dd503
1 changed files with 53 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Libraries/SPTarkov.Server.Core/Helpers/CertificateHelper.cs
+53 -21
View File
@@ -15,6 +15,11 @@ namespace SPTarkov.Server.Core.Helpers
private const string certificatePfxPath = "./user/certs/certificate.pfx";
//Todo: Finish off to match TS server
/// <summary>
/// Currently not in use
/// </summary>
/// <returns></returns>
/// <exception cref="Exception"></exception>
public X509Certificate2 LoadOrGenerateCertificate()
{
if (!Directory.Exists("./user/certs"))
@@ -50,24 +55,18 @@ namespace SPTarkov.Server.Core.Helpers
Directory.CreateDirectory("./user/certs");
}
var certificate = LoadCertificatePfx();
if (certificate == null)
if (TryLoadCertificatePfx(out var cert))
{
// Generate self-signed certificate
certificate = GenerateSelfSignedCertificate("localhost");
SaveCertificatePfx(certificate); // Save cert
certificate = LoadCertificatePfx(); // load it after
if (certificate == null)
{
// if we are still null here there is a serious problem creating cert
throw new Exception("Certificate could not be loaded for the second time.");
}
_logger.Success($"Generated and stored self-signed certificate ({certificatePath})");
_logger.Success($"Loaded self-signed certificate ({certificatePath})");
return cert;
}
else
{
// shit went wrong, throw a wobbly and close app
_logger.Critical("Certificate pfx could not be loaded. Stopping server...");
Environment.Exit(1);
return null;
}
return certificate;
}
private X509Certificate2? LoadCertificate()
@@ -82,11 +81,45 @@ namespace SPTarkov.Server.Core.Helpers
}
}
/// <summary>
/// if the cert exist, try load it, else create one and try load again
/// </summary>
/// <returns></returns>
private bool TryLoadCertificatePfx(out X509Certificate2? certificate)
{
X509Certificate2 cert = null;
if (!File.Exists(certificatePfxPath))
{
// file doesnt exist so create straight away
cert = GenerateSelfSignedCertificate("localhost");
SaveCertificatePfx(cert);
_logger.Success($"Generated and stored self-signed certificate ({certificatePath})");
}
try
{
//Archangel: For some reason despite this being deprecated this is the only way to load a certificate file
//No idea why, I want to eventually switch over to the other format so it lines up with the TS server
//But for now this works fine
certificate = new X509Certificate2(certificatePfxPath);
}
catch (Exception e)
{
Console.WriteLine(e);
throw;
}
if (certificate is not null)
{
return true;
}
return false;
}
/// <summary>
/// Get a certificate from provided path and return
/// </summary>
/// <param name="pfxPath">Path to pfx file</param>
/// <param name="certPassword">Optional password for certificate</param>
/// <returns>X509Certificate2</returns>
private X509Certificate2? LoadCertificatePfx()
{
@@ -171,8 +204,8 @@ namespace SPTarkov.Server.Core.Helpers
// Convert the private key to PEM format (Base64 encoded)
var privateKeyString = "-----BEGIN PRIVATE KEY-----\n" +
Convert.ToBase64String(privateKeyBytes, Base64FormattingOptions.InsertLineBreaks) +
"\n-----END PRIVATE KEY-----";
Convert.ToBase64String(privateKeyBytes, Base64FormattingOptions.InsertLineBreaks) +
"\n-----END PRIVATE KEY-----";
_fileUtil.WriteFile(certificateKeyPath, privateKeyString);
}
@@ -181,6 +214,5 @@ namespace SPTarkov.Server.Core.Helpers
_logger.Error($"Error saving certificate key: {ex.Message}");
}
}
}
}