/ejbca-csharp-client-sdk

Client SDK in C# for the EJBCA REST API

Primary language: C#. License: Apache License 2.0 (Apache-2.0).

Community supported

We welcome contributions.

The EJBCA C# Client SDK is open source and community supported, meaning that there is no SLA applicable for these tools.

To report a problem or suggest a new feature, use the Issues tab. If you want to contribute actual bug fixes or proposed enhancements, use the Pull requests tab.

EJBCA C# Client SDK

Client SDK in C# for the EJBCA REST API

The SDK includes the request/response structures and the methods needed to make a web request to any endpoint supported by the EJBCA REST API ("status" endpoints are not currently supported). The entire source code is in EJBCA-CSharp-Client-SDK/Client.cs, which is auto-generated by Visual Studio 2019 in conjunction with a Keyfactor-maintained tool. Usage examples are shown in the "Harness" project and below:

using System;
using System.Net;
using System.Net.Http;
using System.Security.Cryptography.X509Certificates;

using EJBCA;

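namespace Harness
{
    /// <summary>
    /// Sample console harness: registers a new end entity through the EJBCA REST API
    /// and then requests a certificate for it, authenticating with a client certificate.
    /// </summary>
    class Program
    {
        /// <summary>
        /// Adds an end entity with a freshly generated username and enrollment password,
        /// submits a certificate request for it and prints the returned certificate.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            // Environment config
            string baseURL = "https://192.168.40.132/ejbca/ejbca-rest-api";
            string Ca_name = "testCA";
            string End_entity_profile_name = "JDK";
            string Subject_dn = "CN=jdk";
            string clientAuthCertPath = "C:\\certs\\ejbca-client-cert.pfx";
            // NOTE(review): the PFX holds the private key that authenticates this client to the
            // CA. Protect it with a password and supply that password from a secret store or
            // the environment rather than from source code.
            string clientAuthCertPassword = "";

            // Auto-generated values for end entity to request certificate.
            // The username only has to be unique; the password is the enrollment secret that
            // authorises the certificate request below, so it comes from a CSPRNG. Two
            // back-to-back `new Random()` instances can share a time-based seed (notably on
            // .NET Framework), which would make the password identical to the username.
            string username = $"CSharp-Client{Guid.NewGuid():N}";
            string password = NewEnrollmentPassword();

            // Server certificate validation stays at the platform default. Overriding
            // ServicePointManager.ServerCertificateValidationCallback to accept everything is
            // process-wide and would let any host on the path impersonate the CA and collect
            // the enrollment password. For a lab CA, add its issuing certificate to the
            // machine's trusted roots instead.

            // Set up EJBCA HTTP client
            using (X509Certificate2 clientAuthCert = new X509Certificate2(clientAuthCertPath, clientAuthCertPassword))
            using (HttpClientHandler handler = new HttpClientHandler())
            using (HttpClient httpclient = new HttpClient(handler) { BaseAddress = new Uri(baseURL) })
            {
                handler.ClientCertificates.Add(clientAuthCert);
                Client c = new Client(httpclient);

                // Add a new end entity for the certificate request
                AddEndEntityRestRequest addReq = new AddEndEntityRestRequest()
                {
                    Username = username,
                    Password = password,
                    Ca_name = Ca_name,
                    End_entity_profile_name = End_entity_profile_name,
                    Certificate_profile_name = "ENDUSER",
                    Subject_dn = Subject_dn,
                    Token = AddEndEntityRestRequestToken.USERGENERATED
                };
                // GetAwaiter().GetResult() surfaces the original exception instead of an
                // AggregateException wrapper; blocking is acceptable in a console Main.
                c.AddAsync(addReq).GetAwaiter().GetResult();

                // Request new certificate
                CertificateRequestRestRequest req = new CertificateRequestRestRequest()
                {
                    Certificate_authority_name = Ca_name,
                    Include_chain = true,
                    Username = username,
                    Password = password,
                    // Placeholder; presumably the encoded certificate signing request generated
                    // on the client side (token type is USERGENERATED) - confirm the expected
                    // encoding against the EJBCA REST API documentation.
                    Certificate_request = "MII..."
                };
                CertificateRestResponse resp = c.CertificateRequestAsync(req).GetAwaiter().GetResult();
                Console.WriteLine(resp.Certificate);
            }
        }

        /// <summary>
        /// Generates a one-off enrollment password from the operating system CSPRNG.
        /// </summary>
        /// <returns>64 hexadecimal characters encoding 32 random bytes.</returns>
        private static string NewEnrollmentPassword()
        {
            byte[] secret = new byte[32];
            using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(secret);
            }
            return BitConverter.ToString(secret).Replace("-", string.Empty);
        }
    }
}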