From e9c5fceee9897ee2789760066ab7185f2a8e05b0 Mon Sep 17 00:00:00 2001 From: Bryan Date: Tue, 1 Dec 2015 14:38:20 -0700 Subject: [PATCH] Check for IIS installed. Enable SNI for IIS 8. --- letsencrypt-win-simple/Plugin/IISPlugin.cs | 52 ++++++++++++++++++---- 1 file changed, 43 insertions(+), 9 deletions(-) diff --git a/letsencrypt-win-simple/Plugin/IISPlugin.cs b/letsencrypt-win-simple/Plugin/IISPlugin.cs index 520e9e807..5b93344c9 100644 --- a/letsencrypt-win-simple/Plugin/IISPlugin.cs +++ b/letsencrypt-win-simple/Plugin/IISPlugin.cs @@ -1,4 +1,5 @@ using Microsoft.Web.Administration; +using Microsoft.Win32; using System; using System.Collections.Generic; using System.IO; @@ -13,26 +14,37 @@ public class IISPlugin : Plugin { public override string Name => "IIS"; + static Version iisVersion; + public override List GetTargets() { Console.WriteLine("\nScanning IIS 7 Site Bindings for Hosts"); var result = new List(); - using (var iisManager = new ServerManager()) + + iisVersion = GetIisVersion(); + if (iisVersion.Major == 0) { - foreach (var site in iisManager.Sites) + Console.WriteLine(" IIS Version not found in windows registry. Skipping scan."); + } + else + { + using (var iisManager = new ServerManager()) { - foreach (var binding in site.Bindings) + foreach (var site in iisManager.Sites) { - if (!String.IsNullOrEmpty(binding.Host) && binding.Protocol == "http") - result.Add(new Target() { SiteId = site.Id, Host = binding.Host, WebRootPath = site.Applications["/"].VirtualDirectories["/"].PhysicalPath, PluginName = Name }); + foreach (var binding in site.Bindings) + { + if (!String.IsNullOrEmpty(binding.Host) && binding.Protocol == "http") + result.Add(new Target() { SiteId = site.Id, Host = binding.Host, WebRootPath = site.Applications["/"].VirtualDirectories["/"].PhysicalPath, PluginName = Name }); + } } } - } - if (result.Count == 0) - { - Console.WriteLine(" No IIS bindings with host names were found. Please add one using IIS Manager. A host name and site path are required to verify domain ownership."); + if (result.Count == 0) + { + Console.WriteLine(" No IIS bindings with host names were found. Please add one using IIS Manager. A host name and site path are required to verify domain ownership."); + } } return result; @@ -95,6 +107,9 @@ public override void Install(Target target, string pfxFilename, X509Store store, Console.WriteLine($" Adding https Binding"); var iisBinding = site.Bindings.Add(":443:" + target.Host, certificate.GetCertHash(), store.Name); iisBinding.Protocol = "https"; + + if (iisVersion.Major >= 8) + iisBinding.SetAttributeValue("sslFlags", 1); // Enable SNI support } Console.WriteLine($" Commiting binding changes to IIS"); @@ -102,6 +117,25 @@ public override void Install(Target target, string pfxFilename, X509Store store, } } + public Version GetIisVersion() + { + using (RegistryKey componentsKey = Registry.LocalMachine.OpenSubKey(@"Software\Microsoft\InetStp", false)) + { + if (componentsKey != null) + { + int majorVersion = (int)componentsKey.GetValue("MajorVersion", -1); + int minorVersion = (int)componentsKey.GetValue("MinorVersion", -1); + + if (majorVersion != -1 && minorVersion != -1) + { + return new Version(majorVersion, minorVersion); + } + } + + return new Version(0, 0); + } + } + Site GetSite(Target target, ServerManager iisManager) { foreach (var site in iisManager.Sites)