From 63bf5dd50363aa45f3e75aeb64b57c009addbbd4 Mon Sep 17 00:00:00 2001 From: CWX Date: Tue, 8 Apr 2025 19:10:37 +0100 Subject: [PATCH] Fix needing to Restart after cert gen, to be moved away from pfx eventually --- .../Helpers/CertificateHelper.cs | 74 +++++++++++++------ 1 file changed, 53 insertions(+), 21 deletions(-) diff --git a/Libraries/SPTarkov.Server.Core/Helpers/CertificateHelper.cs b/Libraries/SPTarkov.Server.Core/Helpers/CertificateHelper.cs index ec1c7830..c8629e95 100644 --- a/Libraries/SPTarkov.Server.Core/Helpers/CertificateHelper.cs +++ b/Libraries/SPTarkov.Server.Core/Helpers/CertificateHelper.cs @@ -15,6 +15,11 @@ namespace SPTarkov.Server.Core.Helpers private const string certificatePfxPath = "./user/certs/certificate.pfx"; //Todo: Finish off to match TS server + /// + /// Currently not in use + /// + /// + /// public X509Certificate2 LoadOrGenerateCertificate() { if (!Directory.Exists("./user/certs")) @@ -50,24 +55,18 @@ namespace SPTarkov.Server.Core.Helpers Directory.CreateDirectory("./user/certs"); } - var certificate = LoadCertificatePfx(); - - if (certificate == null) + if (TryLoadCertificatePfx(out var cert)) { - // Generate self-signed certificate - certificate = GenerateSelfSignedCertificate("localhost"); - SaveCertificatePfx(certificate); // Save cert - certificate = LoadCertificatePfx(); // load it after - if (certificate == null) - { - // if we are still null here there is a serious problem creating cert - throw new Exception("Certificate could not be loaded for the second time."); - } - - _logger.Success($"Generated and stored self-signed certificate ({certificatePath})"); + _logger.Success($"Loaded self-signed certificate ({certificatePath})"); + return cert; + } + else + { + // shit went wrong, throw a wobbly and close app + _logger.Critical("Certificate pfx could not be loaded. Stopping server..."); + Environment.Exit(1); + return null; } - - return certificate; } private X509Certificate2? LoadCertificate() 
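Review bot: The new success message `_logger.Success($"Loaded self-signed certificate ({certificatePath})");` prints `certificatePath`, but the file this branch just loaded is the one at `certificatePfxPath`. `certificatePath` is declared outside the hunk and presumably names a different file, so anyone troubleshooting TLS from the log would be pointed at the wrong file on disk. I would log the path that was actually read: `_logger.Success($"Loaded self-signed certificate ({certificatePfxPath})");`. The "Generated and stored" message added in the TryLoadCertificatePfx hunk has the same mismatch. The enclosing method's signature lies outside this hunk.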
@@ -82,11 +81,45 @@ namespace SPTarkov.Server.Core.Helpers } } + /// + /// if the cert exist, try load it, else create one and try load again + /// + /// + private bool TryLoadCertificatePfx(out X509Certificate2? certificate) + { + X509Certificate2 cert = null; + if (!File.Exists(certificatePfxPath)) + { + // file doesnt exist so create straight away + cert = GenerateSelfSignedCertificate("localhost"); + SaveCertificatePfx(cert); + _logger.Success($"Generated and stored self-signed certificate ({certificatePath})"); + } + + try + { + //Archangel: For some reason despite this being deprecated this is the only way to load a certificate file + //No idea why, I want to eventually switch over to the other format so it lines up with the TS server + //But for now this works fine + certificate = new X509Certificate2(certificatePfxPath); + } + catch (Exception e) + { + Console.WriteLine(e); + throw; + } + + if (certificate is not null) + { + return true; + } + + return false; + } + /// /// Get a certificate from provided path and return /// - /// Path to pfx file - /// Optional password for certificate /// X509Certificate2 private X509Certificate2? LoadCertificatePfx() { @@ -171,8 +204,8 @@ namespace SPTarkov.Server.Core.Helpers // Convert the private key to PEM format (Base64 encoded) var privateKeyString = "-----BEGIN PRIVATE KEY-----\n" + - Convert.ToBase64String(privateKeyBytes, Base64FormattingOptions.InsertLineBreaks) + - "\n-----END PRIVATE KEY-----"; + Convert.ToBase64String(privateKeyBytes, Base64FormattingOptions.InsertLineBreaks) + + "\n-----END PRIVATE KEY-----"; _fileUtil.WriteFile(certificateKeyPath, privateKeyString); } @@ -181,6 +214,5 @@ namespace SPTarkov.Server.Core.Helpers _logger.Error($"Error saving certificate key: {ex.Message}"); } } - } }
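Review bot: TryLoadCertificatePfx can never return false: the `X509Certificate2` constructor either yields an object or throws, and the catch block rethrows after `Console.WriteLine(e)`, so the `is not null` test is always true and the caller's `_logger.Critical` / `Environment.Exit(1)` branch in the earlier hunk is unreachable. A corrupt or truncated PFX therefore surfaces as an unhandled exception printed to the console rather than as a logged failure. I would catch the load failure, report it with `_logger.Error`, set the out parameter to null and return false, as sketched below. Separately, the certificate returned by GenerateSelfSignedCertificate is never disposed, and neither an unreadable file nor the loaded certificate's `NotAfter` triggers regeneration, so recovery means deleting the file by hand.

```csharp
private bool TryLoadCertificatePfx(out X509Certificate2? certificate)
{
    // … unchanged: generate and save the PFX when the file does not exist …

    try
    {
        // … unchanged: comment on the deprecated constructor …
        certificate = new X509Certificate2(certificatePfxPath);
        return true;
    }
    catch (CryptographicException ex)
    {
        // Unreadable or corrupt PFX: report through the server logger and let the caller decide
        _logger.Error($"Error loading certificate pfx: {ex.Message}");
        certificate = null;
        return false;
    }
}
```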