Prep for 2.0 release (#29)

* Doc updates (#27)
* Added Apache License to source code and removed unfinished work comments.
* Moved sql scripts to new folder
* Add more context to Provider Name and SAN parms
* Fixed Remove Bug Found after ReEnrollment Refactoring
* Update IIS-Conversion.sql
* Removed previously left in steps from initial code base.
* Updated the entry parameters grid to provide additional information on required parameters.
* Fixed Removal Bug and Updated Readme
* Update to migration script
* Pam Documentation Updates
* null host name fix
* null logger issue
* New Test case added
* Fixed Null entry errors when Hostname and SAN is empty. (#40)
* Added reenrollment to store type configuration table
* Removed spaces from entry parameters to match new orchestrator requirements
* Changed wording on SAN enrollment parameter requirement
* Update generated README

Co-authored-by: Rex Wheeler <[email protected]>
Co-authored-by: Bob Pokorny <[email protected]>
Co-authored-by: Brian Hill <[email protected]>
Co-authored-by: Adam Joyner <[email protected]>

Author: 5 people

.github/workflows/keyfactor-starter-workflow.yml

@@ -11,7 +11,7 @@ jobs:
     with:
       release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }}
       release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }}
-      release_dir: IISWithBindings/bin/Release/netcoreapp3.1 # output directory to upload as a release, relative to checkout workspace
+      release_dir: IISU/bin/Release/netcoreapp3.1 
     secrets: 
       token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }}
 

CHANGELOG.md

@@ -1,5 +1,8 @@
 2.0.0
-* PAM Support added (requires Univesal Orchestrator Framework version 10.1)
+* Add support for reenrollment jobs (On Device Key Generation) with the ability to specify a cryptographic provider. Specification of cryptographic provider allows HSM (Hardware Security Module) use.
+* Local PAM Support added (requires Univesal Orchestrator Framework version 10.1)
+* Certificate store type changed from IISBin to IISU. See readme for migration notes.
+
 
 1.1.3
 * Made WinRM port a store parameter

IISU/IISManager.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.Linq;
 using System.Management.Automation;
 using System.Management.Automation.Runspaces;
@@ -50,7 +64,7 @@ public IISManager(ReenrollmentJobConfiguration config,string serverUserName,stri
             {
                 SiteName = config.JobProperties["SiteName"].ToString();
                 Port = config.JobProperties["Port"].ToString();
-                HostName = config.JobProperties["HostName"].ToString();
+                HostName = config.JobProperties["HostName"]?.ToString();
                 Protocol = config.JobProperties["Protocol"].ToString();
                 SniFlag = config.JobProperties["SniFlag"].ToString()?.Substring(0, 1);
                 IpAddress = config.JobProperties["IPAddress"].ToString();
@@ -89,7 +103,7 @@ public IISManager(ManagementJobConfiguration config, string serverUserName, stri
             {
                 SiteName = config.JobProperties["SiteName"].ToString();
                 Port = config.JobProperties["Port"].ToString();
-                HostName = config.JobProperties["HostName"].ToString();
+                HostName = config.JobProperties["HostName"]?.ToString();
                 Protocol = config.JobProperties["Protocol"].ToString();
                 SniFlag = config.JobProperties["SniFlag"].ToString()?.Substring(0, 1);
                 IpAddress = config.JobProperties["IPAddress"].ToString();

IISU/JobProperties.cs

@@ -1,4 +1,18 @@
-using System.ComponentModel;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System.ComponentModel;
 using Newtonsoft.Json;
 
 namespace Keyfactor.Extensions.Orchestrator.IISU

IISU/Jobs/Inventory.cs

@@ -1,3 +1,17 @@
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 using System;
 using System.Collections.Generic;
 using System.Linq;

IISU/Jobs/Management.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.Linq;
 using System.Management.Automation;
 using System.Management.Automation.Runspaces;
@@ -78,10 +92,11 @@ private JobResult PerformRemoval(ManagementJobConfiguration config)
             try
             {
                 _logger.MethodEntry();
-                var siteName = config.JobProperties["Site Name"];
+                var siteName = config.JobProperties["SiteName"];
                 var port = config.JobProperties["Port"];
-                var hostName = config.JobProperties["Host Name"];
+                var hostName = config.JobProperties["HostName"];
                 var protocol = config.JobProperties["Protocol"];
+                var ipAddress = config.JobProperties["IPAddress"].ToString();
                 _logger.LogTrace($"Removing Site: {siteName}, Port:{port}, hostName:{hostName}, protocol:{protocol}");
 
                 var storePath = JsonConvert.DeserializeObject<JobProperties>(config.CertificateStoreDetails.Properties,
@@ -127,6 +142,7 @@ private JobResult PerformRemoval(ManagementJobConfiguration config)
                         .AddParameter("Name", siteName)
                         .AddParameter("Port", port)
                         .AddParameter("HostHeader", hostName)
+                        .AddParameter("IPAddress",ipAddress)
                         .AddStatement();
 
 

IISU/Jobs/ReEnrollment.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.Collections.ObjectModel;
 using System.Linq;
 using System.Management.Automation;
@@ -36,7 +50,6 @@ private string ResolvePamField(string name, string value)
 
         public JobResult ProcessJob(ReenrollmentJobConfiguration config, SubmitReenrollmentCSR submitReEnrollmentUpdate)
         {
-            _logger.MethodEntry();
             _logger = LogHandler.GetClassLogger<ReEnrollment>();
             _logger.LogTrace($"Job Configuration: {JsonConvert.SerializeObject(config)}");
             var storePath = JsonConvert.DeserializeObject<JobProperties>(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate });
@@ -105,13 +118,15 @@ private JobResult PerformReEnrollment(ReenrollmentJobConfiguration config, Submi
                 ps.AddScript($"Add-Content $infFilename 'KeyLength={keySize}'");
                 ps.AddScript($"Add-Content $infFilename 'KeySpec = 0'");
 
-                ps.AddScript($"Add-Content $infFilename '[Extensions]'");
-                ps.AddScript(@"Add-Content $infFilename '2.5.29.17 = ""{text}""'");
-
-                // Todo:  Parse SAN by '&' and add the below entry for each DSN
-                foreach (string s in SAN.ToString().Split("&"))
+                if(SAN != null)
                 {
-                    ps.AddScript($"Add-Content $infFilename '_continue_ = \"{s + "&"}\"'");
+                    ps.AddScript($"Add-Content $infFilename '[Extensions]'");
+                    ps.AddScript(@"Add-Content $infFilename '2.5.29.17 = ""{text}""'");
+
+                    foreach (string s in SAN.ToString().Split("&"))
+                    {
+                        ps.AddScript($"Add-Content $infFilename '_continue_ = \"{s + "&"}\"'");
+                    }
                 }
 
                 // Execute the -new command

IISU/PSCertStoreException.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.Runtime.Serialization;
 
 namespace Keyfactor.Extensions.Orchestrator.IISU

IISU/PSCertificate.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 
 namespace Keyfactor.Extensions.Orchestrator.IISU
 {

IISU/PowerShellCertException.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2022 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.Collections.Generic;
 using System.Runtime.Serialization;
 using System.Text;