Skip to content

Commit

Permalink
Merge pull request #368 from JohnLBevan/issue352
Browse files Browse the repository at this point in the history
#352 - Allow sslFlags to remain unchanged.
  • Loading branch information
ebekker authored Jul 16, 2019
2 parents eb11021 + 6ebd8ac commit 8e9607a
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 6 deletions.
13 changes: 8 additions & 5 deletions ACMESharp/ACMESharp.Providers.IIS/IisHelper.cs
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ public static IEnumerable<IisWebSiteBinding> ListWebSitesBindings()
}
}

public static void UpdateSiteBinding(IisWebSiteBinding binding, string certStore, byte[] certHash)
public static void UpdateSiteBinding(IisWebSiteBinding binding, string certStore, byte[] certHash, bool keepExistingSslFlags = false)
{
using (var iis = new ServerManager())
{
Expand All @@ -120,10 +120,13 @@ public static void UpdateSiteBinding(IisWebSiteBinding binding, string certStore
++bindingCount;
b.CertificateStoreName = certStore;
b.CertificateHash = certHash;
if (binding.BindingHostRequired.GetValueOrDefault() && GetIisVersion().Major >= 8)
b.SetAttributeValue("sslFlags", 1);
else
b.SetAttributeValue("sslFlags", 3);
if (!keepExistingSslFlags)
{
if (binding.BindingHostRequired.GetValueOrDefault() && GetIisVersion().Major >= 8)
b.SetAttributeValue("sslFlags", 1);
else
b.SetAttributeValue("sslFlags", 3);
}
}
}

Expand Down
5 changes: 4 additions & 1 deletion ACMESharp/ACMESharp.Providers.IIS/IisInstaller.cs
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,9 @@ public bool? BindingHostRequired
public bool Force
{ get; set; }

public bool KeepExistingSslFlags
{ get; set; }

public string CertificateFriendlyName
{ get; set; }

Expand Down Expand Up @@ -82,7 +85,7 @@ public void Install(PrivateKey pk, Crt crt, IEnumerable<Crt> chain, IPkiTool cp)
{
if (BindingHostRequired.HasValue)
oldBinding.BindingHostRequired = BindingHostRequired;
IisHelper.UpdateSiteBinding(oldBinding, certStore, certHash);
IisHelper.UpdateSiteBinding(oldBinding, certStore, certHash, keepExistingSslFlags: KeepExistingSslFlags);
}
}
else
Expand Down

0 comments on commit 8e9607a

Please sign in to comment.