ensure bouncycastle is available. Always set password on pfx.

LetsEncrypt-SiteExtension/Web.config

@@ -137,6 +137,10 @@
         <assemblyIdentity name="System.Web.Http.WebHost" publicKeyToken="31bf3856ad364e35" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-5.2.7.0" newVersion="5.2.7.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="BouncyCastle.Crypto" publicKeyToken="0e99375e54769942" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.8.5.0" newVersion="1.8.5.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
   <system.codedom>

LetsEncrypt.SiteExtension.Core/LetsEncrypt.Azure.Core.csproj

@@ -69,6 +69,9 @@
     <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
   </PropertyGroup>
   <ItemGroup>
+    <Reference Include="BouncyCastle.Crypto, Version=1.8.5.0, Culture=neutral, PublicKeyToken=0e99375e54769942, processorArchitecture=MSIL">
+      <HintPath>..\packages\Portable.BouncyCastle.1.8.5\lib\net40\BouncyCastle.Crypto.dll</HintPath>
+    </Reference>
     <Reference Include="Certes, Version=2.3.3.0, Culture=neutral, PublicKeyToken=308b9c08e7effcb1, processorArchitecture=MSIL">
       <HintPath>..\packages\Certes.2.3.3\lib\net45\Certes.dll</HintPath>
     </Reference>

LetsEncrypt.SiteExtension.Core/LetsEncrypt.Azure.Core.nuspec

@@ -3,7 +3,7 @@
   <metadata>
     <id>letsencrypt.azure.core</id>
     <title>Azure Let's Encrypt</title>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <authors>SJKP</authors>
     <licenseUrl>http://opensource.org/licenses/Apache-2.0</licenseUrl>
     <projectUrl>https://github.com/sjkp/letsencrypt-siteextension</projectUrl>
@@ -16,6 +16,7 @@
       <dependency id="Microsoft.Azure.Management.Websites" version="2.0.1" />
       <dependency id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="3.14.0"></dependency>
       <dependency id="Newtonsoft.Json" version="12.0.1" />
+      <dependency id="BouncyCastle" version="1.8.5" />
     </dependencies>
   </metadata>
 </package>

LetsEncrypt.SiteExtension.Core/Services/ACMEService.cs

@@ -22,7 +22,7 @@ public class AcmeService
         private readonly IAuthorizationChallengeProvider authorizeChallengeProvider;
 
         public AcmeService(IAcmeConfig config, IAuthorizationChallengeProvider authorizeChallengeProvider)
-        {
+        {            
             if (string.IsNullOrEmpty(config.BaseUri))
             {
                 this.acmeenvironment = (config.UseProduction ? WellKnownServers.LetsEncryptV2 : WellKnownServers.LetsEncryptStagingV2);
@@ -71,14 +71,15 @@ public async Task<CertificateInfo> RequestCertificate()
                 var certPem = cert.ToPem();
 
                 var pfxBuilder = cert.ToPfx(privateKey);
-                var pfx = pfxBuilder.Build(config.Host, config.PFXPassword);
+                string pFXPassword = config.PFXPassword ?? Guid.NewGuid().ToString().Replace("-", "");
+                var pfx = pfxBuilder.Build(config.Host, pFXPassword);
 
 
                 return new CertificateInfo()
                     {
-                        Certificate = new X509Certificate2(pfx, config.PFXPassword, X509KeyStorageFlags.DefaultKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable),
+                        Certificate = new X509Certificate2(pfx, pFXPassword, X509KeyStorageFlags.DefaultKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable),
                         Name = $"{config.Host} {DateTime.Now}",
-                        Password = config.PFXPassword,
+                        Password = pFXPassword,
                         PfxCertificate = pfx
                     };
 

LetsEncrypt.SiteExtension.Core/app.config

@@ -18,6 +18,10 @@
         <assemblyIdentity name="System.Xml.ReaderWriter" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="BouncyCastle.Crypto" publicKeyToken="0e99375e54769942" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.8.5.0" newVersion="1.8.5.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
 <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6" /></startup></configuration>

LetsEncrypt.SiteExtension.Core/packages.config

@@ -15,7 +15,7 @@
   <package id="NETStandard.Library" version="2.0.3" targetFramework="net46" />
   <package id="Newtonsoft.Json" version="12.0.1" targetFramework="net46" />
   <package id="Polly" version="6.1.2" targetFramework="net46" />
-  <package id="Portable.BouncyCastle" version="1.8.1.4" targetFramework="net46" />
+  <package id="Portable.BouncyCastle" version="1.8.5" targetFramework="net46" />
   <package id="System.AppContext" version="4.3.0" targetFramework="net46" />
   <package id="System.Collections" version="4.3.0" targetFramework="net46" />
   <package id="System.Collections.Concurrent" version="4.3.0" targetFramework="net46" />

LetsEncrypt.SiteExtension.Test/App.config

@@ -74,6 +74,10 @@
         <assemblyIdentity name="System.Web.Http.WebHost" publicKeyToken="31bf3856ad364e35" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-5.2.7.0" newVersion="5.2.7.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="BouncyCastle.Crypto" publicKeyToken="0e99375e54769942" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.8.5.0" newVersion="1.8.5.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
   <startup>

LetsEncrypt.SiteExtension.WebJob/App.config

@@ -63,6 +63,10 @@
         <assemblyIdentity name="Microsoft.IdentityModel.Clients.ActiveDirectory" publicKeyToken="31bf3856ad364e35" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-3.14.0.8" newVersion="3.14.0.8" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="BouncyCastle.Crypto" publicKeyToken="0e99375e54769942" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.8.5.0" newVersion="1.8.5.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
 </configuration>

LetsEncrypt.WebAppOnly.nuspec

@@ -3,7 +3,7 @@
   <metadata>
     <id>letsencrypt.webapponly</id>
     <title>Azure Let's Encrypt (No Web Jobs)</title>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <authors>SJKP</authors>
     <licenseUrl>http://opensource.org/licenses/Apache-2.0</licenseUrl>
     <projectUrl>https://github.com/sjkp/letsencrypt-siteextension</projectUrl>

LetsEncrypt.nuspec

@@ -3,7 +3,7 @@
   <metadata>
     <id>letsencrypt</id>
     <title>Azure Let's Encrypt</title>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <authors>SJKP</authors>
     <licenseUrl>http://opensource.org/licenses/Apache-2.0</licenseUrl>
     <projectUrl>https://github.com/sjkp/letsencrypt-siteextension</projectUrl>