From 37e0c9d1ee5e46477e122ec999d4b9bd03e1bc2b Mon Sep 17 00:00:00 2001
From: leefine02
Date: Mon, 3 Jun 2024 18:56:14 +0000
Subject: [PATCH] ab#52646
---
 F5WafOrchestrator/CA/Management.cs | 2 +-
 F5WafOrchestrator/F5WafClient.cs | 39 ++++++-----------------------
 F5WafOrchestrator/TLS/Management.cs | 2 +-
 3 files changed, 9 insertions(+), 34 deletions(-)
diff --git a/F5WafOrchestrator/CA/Management.cs b/F5WafOrchestrator/CA/Management.cs
index ac08ed9..b35a5ff 100644
--- a/F5WafOrchestrator/CA/Management.cs
+++ b/F5WafOrchestrator/CA/Management.cs
@@ -50,7 +50,7 @@ public JobResult ProcessJob(ManagementJobConfiguration config)
 break;
 case CertStoreOperationType.Remove:
 _logger.LogDebug($"BEGIN Delete Operation for {config.CertificateStoreDetails.StorePath} on {config.CertificateStoreDetails.ClientMachine}.");
- F5Client.RemoveCaCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias);
+ F5Client.RemoveCaOrTlsCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias, false);
 _logger.LogDebug($"END Delete Operation for {config.CertificateStoreDetails.StorePath} on {config.CertificateStoreDetails.ClientMachine}.");
 break;
 default:
diff --git a/F5WafOrchestrator/F5WafClient.cs b/F5WafOrchestrator/F5WafClient.cs
index 8b03791..8559569 100644
--- a/F5WafOrchestrator/F5WafClient.cs
+++ b/F5WafOrchestrator/F5WafClient.cs
@@ -502,42 +502,13 @@ public CaPostRoot FormatCaCertificateRequest(ManagementJobCertificate mgmtJobCer return reqBody; } - public void RemoveTlsCertificate(string f5Namespace, string certName) + public void RemoveCaOrTlsCertificate(string f5Namespace, string certName, bool isTLSCertificate) { _logger.MethodEntry(LogLevel.Debug); - var response = F5Client.DeleteAsync($"/api/config/namespaces/{f5Namespace}/certificates/{certName}"); - response.Wait(); - var stringResponse = response.Result.Content.ReadAsStringAsync(); - stringResponse.Wait(); - - //parse status code for error handling - string statusCode = string.Empty; - string[] respMessage = response.Result.ToString().Split(','); - for (int i = 0; i < respMessage.Length; i++) - { - if (respMessage[i].Contains("StatusCode:")) - { - statusCode = respMessage[i].Trim().Substring("StatsCode: ".Length).Trim(); - break; - } - } - - if (statusCode != "200") - { - var errorMessage = response.Result.Content.ReadAsStringAsync(); - errorMessage.Wait(); - throw new F5WAFException(errorMessage.ToString()); - } - - _logger.MethodExit(LogLevel.Debug); - } - - public void RemoveCaCertificate(string f5Namespace, string certName) - { - _logger.MethodEntry(LogLevel.Debug); + string certType = isTLSCertificate ? "certificates" : "trusted_ca_lists"; - var response = F5Client.DeleteAsync($"/api/config/namespaces/{f5Namespace}/trusted_ca_lists/{certName}"); + var response = F5Client.DeleteAsync($"/api/config/namespaces/{f5Namespace}/{certType}/{certName}"); response.Wait(); var stringResponse = response.Result.Content.ReadAsStringAsync(); stringResponse.Wait(); @@ -776,6 +747,8 @@ public bool JobCertIsAttachedToHttpLoadBalancer(string f5Namespace, string jobCe private string SubmitGetRequest(string endpoint) { + _logger.MethodEntry(LogLevel.Debug); + var response = F5Client.GetAsync(endpoint).Result; var result = response.Content.ReadAsStringAsync().Result; 
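Review bot: The DELETE path in `RemoveCaOrTlsCertificate` interpolates `f5Namespace` and `certName` unescaped, and both callers in this patch pass the job's `StorePath` and `Alias` straight through. A value containing `/`, `..`, `?` or `#` would make the request address a different resource than the intended certificate or CA list, so each segment should be escaped: `var response = F5Client.DeleteAsync($"/api/config/namespaces/{Uri.EscapeDataString(f5Namespace)}/{certType}/{Uri.EscapeDataString(certName)}");`. The method body continues past the hunk. If the surviving status handling matches the removed TLS copy, it still parses `response.Result.ToString()` for the code and throws with `errorMessage.ToString()`, which is the Task's type name rather than the response body; reading `response.Result.StatusCode` and passing `errorMessage.Result` would be more reliable.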
@@ -790,6 +763,8 @@ private string SubmitGetRequest(string endpoint) throw new F5WAFException(errorMessage); } + _logger.MethodExit(LogLevel.Debug); + return result; } diff --git a/F5WafOrchestrator/TLS/Management.cs b/F5WafOrchestrator/TLS/Management.cs index c65c666..cacd851 100644 --- a/F5WafOrchestrator/TLS/Management.cs +++ b/F5WafOrchestrator/TLS/Management.cs @@ -78,7 +78,7 @@ private void PerformTlsCertRemove(ManagementJobConfiguration config) "The job cert is bound to an http load balancer. Must unbind before performing management job."); } - F5Client.RemoveTlsCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias); + F5Client.RemoveCaOrTlsCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias, true); _logger.MethodExit(LogLevel.Debug); }
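Review bot: The `_logger.MethodExit(LogLevel.Debug);` added before `return result;` in `SubmitGetRequest` is skipped whenever the `throw new F5WAFException(errorMessage);` just above it fires. The `MethodEntry` added in the preceding hunk therefore has no matching exit on exactly the requests that fail, which makes the debug trace harder to follow when investigating an error. Wrapping the body in `try { … } finally { _logger.MethodExit(LogLevel.Debug); }` keeps the pair balanced on both paths. The function body starts outside this hunk.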