Add bundled certificates, only manage certificate on windows.

Update README.md

Application/Api/UnlockAllMusicCommand.cs

@@ -1,4 +1,5 @@
-using Microsoft.Extensions.Logging;
+using System.Diagnostics.CodeAnalysis;
+using Microsoft.Extensions.Logging;
 
 namespace Application.Api;
 
@@ -14,6 +15,8 @@ public class UnlockAllMusicCommandHandler : RequestHandlerBase<UnlockAllMusicCom
         this.logger = logger;
     }
 
+    [SuppressMessage("ReSharper.DPA", "DPA0007: Large number of DB records")]
+    [SuppressMessage("ReSharper.DPA", "DPA0006: Large number of DB commands")]
     public override async Task<ServiceResult<bool>> Handle(UnlockAllMusicCommand request, CancellationToken cancellationToken)
     {
         var unlocks = await CardDbContext.CardDetails.Where(

Infrastructure/Common/CertificateService.cs

@@ -24,6 +24,7 @@ public class CertificateService
 
     private const string ROOT_CA_CN = "Taito Arcade Machine CA";
     private const string CERT_CN = "GC local server";
+    private const string CERT_CN2 = "nesys";
     private const string CERT_DIR = "Certificates";
     private const string CERT_FILE_NAME = "cert.pfx";
     private const string ROOT_CERT_FILE_NAME = "root.pfx";
@@ -116,7 +117,15 @@ public class CertificateService
         {
             var existingCert = GetCertificate(StoreName.My, StoreLocation.LocalMachine, CERT_CN);
 
-            if (existingCert != null)
+            if (existingCert is not null)
+            {
+                return existingCert;
+            }
+            
+            logger.LogInformation("First try not found, changing CN to nesys");
+            
+            existingCert = GetCertificate(StoreName.My, StoreLocation.LocalMachine, CERT_CN2);
+            if (existingCert is not null)
             {
                 return existingCert;
             }
@@ -257,7 +266,7 @@ public class CertificateService
                 store.Open(OpenFlags.ReadOnly);
                 var result = store.Certificates.Find(X509FindType.FindByIssuerName, ROOT_CA_CN, true);
 
-                certificateExists = result.Count == 2;
+                certificateExists = result.Count != 0;
 
                 store.Close();
             }
@@ -286,9 +295,9 @@ public class CertificateService
         try
         {
             var store = new X509Store(storeName, storeLocation);
-            store.Open(OpenFlags.ReadWrite);
-            var result = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName,
-                $"CN={commonName}", true);
+            store.Open(OpenFlags.ReadOnly);
+            var result = store.Certificates.Find(X509FindType.FindBySubjectName,
+                $"{commonName}", true);
 
             if (result.Any())
             {

MainServer/MainServer.csproj

@@ -68,27 +68,45 @@
         </Content>
         <Content Update="wwwroot\events\event_103_20201125.evt">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\event_20201125_reg.jpg">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\event_20201125_sgreg.png">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\event_unlock_20201125.cmp">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\news_big_20201125_0.jpg">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\news_big_20201125_2.jpg">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\news_small_20201125_1.jpg">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
         <Content Update="wwwroot\events\telop_20201125.txt">
           <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
+        </Content>
+        <None Remove="BundledCertificates\cert.pfx" />
+        <Content Include="BundledCertificates\cert.pfx">
+          <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
+        </Content>
+        <None Remove="BundledCertificates\root.pfx" />
+        <Content Include="BundledCertificates\root.pfx">
+          <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+          <ExcludeFromSingleFile>true</ExcludeFromSingleFile>
         </Content>
     </ItemGroup>
 

MainServer/Program.cs

@@ -1,4 +1,5 @@
 using System.Reflection;
+using System.Security.Authentication;
 using Application;
 using Application.Interfaces;
 using Domain.Config;
@@ -45,10 +46,15 @@ try
 
     var serverIp = builder.Configuration["ServerIp"] ?? "127.0.0.1";
     var certificateManager = new CertificateService(serverIp, new SerilogLoggerFactory(Log.Logger).CreateLogger(""));
-    builder.WebHost.ConfigureKestrel(options => 
-        options.ConfigureHttpsDefaults(adapterOptions => 
-            adapterOptions.ServerCertificate = certificateManager.InitializeCertificate()
-        ));
+    if (Environment.OSVersion.Platform == PlatformID.Win32NT)
+    {
+            builder.WebHost.UseKestrel(options =>
+                options.ConfigureHttpsDefaults(adapterOptions =>
+                {
+                    adapterOptions.ServerCertificate = certificateManager.InitializeCertificate();
+                }));
+    }
+
 
     builder.Host.UseSerilog((context, configuration) =>
     {

README.md

@@ -73,11 +73,23 @@ To enable these, try use the omnimixed version of stage_param.dat. That can fix
 
 ## Local network
 
-If your game and server is not on the same computer, import the certificates in `Certificates`  folder. `root.pfx` goes into LocalMachine/My and Trusted root, the other only LocalMachine/My.
+If your game and server is not on the same computer, import the certificates in `BundledCertificates`  folder. `root.pfx` goes into LocalMachine/My and Trusted root, `cert.pfx` only LocalMachine/My. Then in `server.json`, modify the following section:
+
+```
+      "Https": {
+        "Url": "https://0.0.0.0:443",
+        "Certificate": {
+          "Path": "BundledCertificates/cert.pfx",
+          "Password": ""
+        }
+      },
+```
+
+
 
 ## Windows XP
 
-If you are using Windows XP (e.g. using real machine), it will not recognize the generated certificate since it uses SHA256.
+If you are using Windows XP (e.g. using a real arcade machine), it will not recognize the generated certificate since it uses SHA256.
 
 You will have to generate the certificates yourself. 
 
@@ -92,3 +104,10 @@ There's a basic web interface for check scores and set options.
 ## Song unlock
 
 To unlock all songs, first play for one time and save, then in web UI, go to `Edit Options` to unlock all songs.
+
+Notice that unlock all songs without playing them can increase card saving time a lot, so it is better to play them, or manually create an empty failed record, using the following SQL
+
+```sqlite
+INSERT INTO "main"."card_detail" VALUES ({card_id}, {song_id}, 0, 2, 5, 1, 0,0,0,0,0,0,'1337',0,0,0,638127691353989741);
+```
+