diff --git a/DigiCertSymCaProxy/Client/DigiCertSymClient.cs b/DigiCertSymCaProxy/Client/DigiCertSymClient.cs index b7a5e9b..3fae658 100644 --- a/DigiCertSymCaProxy/Client/DigiCertSymClient.cs +++ b/DigiCertSymCaProxy/Client/DigiCertSymClient.cs @@ -1,15 +1,18 @@ using System; -using System.Collections.Concurrent; +using System.IO; using System.Net; using System.Net.Http; using System.Net.Http.Headers; +using System.Security.Cryptography.X509Certificates; +using System.ServiceModel; using System.Text; -using System.Threading; using System.Threading.Tasks; -using CAProxy.AnyGateway.Interfaces; +using System.Xml.Serialization; +using CAProxy.AnyGateway; +using CAProxy.AnyGateway.Models.Configuration; using CSS.Common.Logging; using Keyfactor.AnyGateway.DigiCertSym.Client.Models; -using Keyfactor.AnyGateway.DigiCertSym.Exceptions; +using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP; using Keyfactor.AnyGateway.DigiCertSym.Interfaces; using Newtonsoft.Json; @@ -17,15 +20,18 @@ namespace Keyfactor.AnyGateway.DigiCertSym.Client { public sealed class DigiCertSymClient : LoggingClientBase, IDigiCertSymClient { - public DigiCertSymClient(ICAConnectorConfigProvider config) + public DigiCertSymClient(CAConfig config) { - if (config.CAConnectionData.ContainsKey(Constants.DigiCertSymApiKey)) - { + if (config.Config.CAConnection.ContainsKey(Constants.DigiCertSymApiKey)) try { - BaseUrl = new Uri(config.CAConnectionData[Constants.DigiCertSymUrl].ToString()); - ApiKey = config.CAConnectionData[Constants.DigiCertSymApiKey].ToString(); - SeatList = config.CAConnectionData[Constants.SeatList].ToString(); + BaseUrl = new Uri(config.Config.CAConnection[Constants.DigiCertSymUrl].ToString()); + ApiKey = config.Config.CAConnection[Constants.DigiCertSymApiKey].ToString(); + ClientCertificateLocation = + config.Config.CAConnection[Constants.ClientCertificateLocation].ToString(); + ClientCertificatePassword = + config.Config.CAConnection[Constants.ClientCertificatePassword].ToString(); + EndPointAddress = config.Config.CAConnection[Constants.EndpointAddress].ToString(); RestClient = ConfigureRestClient(); } catch (Exception e) @@ -33,14 +39,14 @@ public DigiCertSymClient(ICAConnectorConfigProvider config) Logger.Error($"DigiCertSymClient Constructor Error Occurred: {e.Message}"); throw; } - } } private Uri BaseUrl { get; } private HttpClient RestClient { get; } private string ApiKey { get; } - private string SeatList { get; } - private int PageSize { get; } = 50; + private string EndPointAddress { get; } + private string ClientCertificateLocation { get; } + private string ClientCertificatePassword { get; } public async Task SubmitEnrollmentAsync( @@ -53,20 +59,20 @@ public async Task SubmitEnrollmentAsync( { EnrollmentResponse response; Logger.Trace(JsonConvert.SerializeObject(enrollmentRequest)); - var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore}; + var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }; if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response { var errorResponse = JsonConvert.DeserializeObject(await resp.Content.ReadAsStringAsync(), settings); - response = new EnrollmentResponse {RegistrationError = errorResponse, Result = null}; + response = new EnrollmentResponse { RegistrationError = errorResponse, Result = null }; return response; } var registrationResponse = JsonConvert.DeserializeObject(await resp.Content.ReadAsStringAsync(), settings); - response = new EnrollmentResponse {RegistrationError = null, Result = registrationResponse}; + response = new EnrollmentResponse { RegistrationError = null, Result = registrationResponse }; return response; } } @@ -88,20 +94,20 @@ public async Task SubmitRenewalAsync(string serialNumber, { EnrollmentResponse response; Logger.Trace(JsonConvert.SerializeObject(renewalRequest)); - var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore}; + var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }; if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response { var errorResponse = JsonConvert.DeserializeObject(await resp.Content.ReadAsStringAsync(), settings); - response = new EnrollmentResponse {RegistrationError = errorResponse, Result = null}; + response = new EnrollmentResponse { RegistrationError = errorResponse, Result = null }; return response; } var registrationResponse = JsonConvert.DeserializeObject(await resp.Content.ReadAsStringAsync(), settings); - response = new EnrollmentResponse {RegistrationError = null, Result = registrationResponse}; + response = new EnrollmentResponse { RegistrationError = null, Result = registrationResponse }; return response; } } @@ -122,7 +128,7 @@ public async Task SubmitRevokeCertificateAsync(string serialNumb new StringContent( JsonConvert.SerializeObject(revokeRequest), Encoding.ASCII, "application/json"))) { - var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore}; + var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }; if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response { var errorResponse = @@ -134,7 +140,7 @@ public async Task SubmitRevokeCertificateAsync(string serialNumb } var getRevokeResponse = await resp.Content.ReadAsStringAsync(); - response = new RevokeResponse {RegistrationError = null, Result = getRevokeResponse}; + response = new RevokeResponse { RegistrationError = null, Result = getRevokeResponse }; return response; } } @@ -153,21 +159,21 @@ public async Task SubmitGetCertificateAsync(string seria { Logger.Trace(JsonConvert.SerializeObject(resp)); - var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore}; + var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }; GetCertificateResponse response; if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response { var errorResponse = JsonConvert.DeserializeObject(await resp.Content.ReadAsStringAsync(), settings); - response = new GetCertificateResponse {CertificateError = errorResponse, Result = null}; + response = new GetCertificateResponse { CertificateError = errorResponse, Result = null }; return response; } var certificateResponse = JsonConvert.DeserializeObject(await resp.Content.ReadAsStringAsync(), settings); - response = new GetCertificateResponse {CertificateError = null, Result = certificateResponse}; + response = new GetCertificateResponse { CertificateError = null, Result = certificateResponse }; return response; } } @@ -178,100 +184,40 @@ public async Task SubmitGetCertificateAsync(string seria } } - public async Task SubmitQueryOrderRequestAsync(BlockingCollection bc, CancellationToken ct, - RequestManager requestManager) + public SearchCertificateResponseType SubmitQueryOrderRequest( + RequestManager requestManager, ProductModel template,int pageCounter) { Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); try { - var itemsProcessed = 0; - var isComplete = false; - var retryCount = 0; - - foreach (var seat in SeatList.Split(',')) - { - Logger.Trace($"Processing SeatId {seat}"); - var pageCounter = 1; - do - { - var queryOrderRequest = - requestManager.GetSearchCertificatesRequest(pageCounter, seat); - var batchItemsProcessed = 0; - using (var resp = await RestClient.PostAsync("/mpki/api/v1/searchcert", new StringContent( - JsonConvert.SerializeObject(queryOrderRequest), Encoding.ASCII, "application/json"), ct)) - { - - if (!resp.IsSuccessStatusCode) - { - var responseMessage = resp.Content.ReadAsStringAsync().Result; - Logger.Trace($"Raw error response {responseMessage}"); + Logger.Trace($"Processing Template {template.ProductID}"); - //igngore missing Certificate in search 404 errors - if (!responseMessage.Contains("entity_not_found")) - { - Logger.Error( - $"Failed Request to Digicert mPKI. Retrying request. Status Code {resp.StatusCode} | Message: {responseMessage}"); - retryCount++; - if (retryCount > 5) - throw new RetryCountExceededException( - $"5 consecutive failures to {resp.RequestMessage.RequestUri}"); - } - break; //Seat has no certs move on to the next seat - } + var queryOrderRequest = + requestManager.GetSearchCertificatesRequest(pageCounter, template.ProductID); + XmlSerializer x = new XmlSerializer(queryOrderRequest.GetType()); + TextWriter tw = new StringWriter(); + x.Serialize(tw, queryOrderRequest); + Logger.Trace($"Raw Search Cert Soap Request {tw}"); - var response = JsonConvert.DeserializeObject( - await resp.Content.ReadAsStringAsync()); + var bind = new BasicHttpsBinding {MaxReceivedMessageSize = 2147483647}; + bind.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; + var ep = new EndpointAddress(EndPointAddress); + var client = new CertificateManagementOperationsClient(bind, ep); + var cert = new X509Certificate2(ClientCertificateLocation, ClientCertificatePassword); + if (client.ClientCredentials != null) + client.ClientCredentials.ClientCertificate.Certificate = cert; - var batchResponse = response.Certificates; - var batchCount = batchResponse.Count; + var resp = client.searchCertificate(queryOrderRequest); - Logger.Trace($"Processing {batchCount} items in batch"); - do - { - var r = batchResponse[batchItemsProcessed]; - if (bc.TryAdd(r, 10, ct)) - { - Logger.Trace($"Added Certificate ID {r.SerialNumber} to Queue for processing"); - batchItemsProcessed++; - itemsProcessed++; - Logger.Trace($"Processed {batchItemsProcessed} of {batchCount}"); - Logger.Trace($"Total Items Processed: {itemsProcessed}"); - } - else - { - Logger.Trace($"Adding {r} blocked. Retry"); - } - } while (batchItemsProcessed < batchCount); //batch loop - } - - //assume that if we process less records than requested that we have reached the end of the certificate list - if (batchItemsProcessed < PageSize) - isComplete = true; - pageCounter = pageCounter + PageSize; - } while (!isComplete); //page loop - } - bc.CompleteAdding(); - } - catch (OperationCanceledException cancelEx) - { - Logger.Warn($"Synchronize method was cancelled. Message: {cancelEx.Message}"); - bc.CompleteAdding(); - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - // ReSharper disable once PossibleIntendedRethrow - throw cancelEx; - } - catch (RetryCountExceededException retryEx) - { - Logger.Error($"Retries Failed: {retryEx.Message}"); Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + + return resp; } - catch (HttpRequestException ex) + catch (Exception e) { - Logger.Error($"HttpRequest Failed: {ex.Message}"); - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + Logger.Error($"CertificateSearchResultType Error Occurred {e.Message}"); + throw; } - - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); } private HttpClient ConfigureRestClient() @@ -279,7 +225,7 @@ private HttpClient ConfigureRestClient() try { var clientHandler = new WebRequestHandler(); - var returnClient = new HttpClient(clientHandler, true) {BaseAddress = BaseUrl}; + var returnClient = new HttpClient(clientHandler, true) { BaseAddress = BaseUrl }; returnClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); returnClient.DefaultRequestHeaders.Add("x-api-key", ApiKey); return returnClient; diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource new file mode 100644 index 0000000..445ac7a --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource new file mode 100644 index 0000000..750daa3 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource new file mode 100644 index 0000000..541b61d --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource new file mode 100644 index 0000000..89f89f5 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource new file mode 100644 index 0000000..eb8bb32 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource new file mode 100644 index 0000000..538ee8e --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource new file mode 100644 index 0000000..e4903d5 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource new file mode 100644 index 0000000..b1afe2e --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource new file mode 100644 index 0000000..d31541c --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource @@ -0,0 +1,10 @@ + + + + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs new file mode 100644 index 0000000..74bfb1e --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs @@ -0,0 +1,1909 @@ +//------------------------------------------------------------------------------ +// +// This code was generated by a tool. +// Runtime Version:4.0.30319.42000 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// +//------------------------------------------------------------------------------ + +namespace Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP { + + + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ServiceModel.ServiceContractAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", ConfigurationName="DigicertMPKISOAP.CertificateManagementOperations")] + public interface CertificateManagementOperations { + + // CODEGEN: Generating message contract since the operation bulkUpdateCertificateStatus is neither RPC nor document wrapped. + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/bulkUpdateCertificateS" + + "tatus", ReplyAction="*")] + [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse bulkUpdateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request); + + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/bulkUpdateCertificateS" + + "tatus", ReplyAction="*")] + System.Threading.Tasks.Task bulkUpdateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request); + + // CODEGEN: Generating message contract since the operation updateCertificateStatus is neither RPC nor document wrapped. + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/updateCertificateStatu" + + "s", ReplyAction="*")] + [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse updateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request); + + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/updateCertificateStatu" + + "s", ReplyAction="*")] + System.Threading.Tasks.Task updateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request); + + // CODEGEN: Generating message contract since the operation searchCertificate is neither RPC nor document wrapped. + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/searchCertificate", ReplyAction="*")] + [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse searchCertificate(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request); + + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/searchCertificate", ReplyAction="*")] + System.Threading.Tasks.Task searchCertificateAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request); + + // CODEGEN: Generating message contract since the operation keyRecovery is neither RPC nor document wrapped. + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/keyRecovery", ReplyAction="*")] + [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse keyRecovery(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request); + + [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/keyRecovery", ReplyAction="*")] + System.Threading.Tasks.Task keyRecoveryAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request); + + // CODEGEN: Generating message contract since the operation printMyBean is neither RPC nor document wrapped. + [System.ServiceModel.OperationContractAttribute(Action="", ReplyAction="*")] + [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse printMyBean(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request); + + [System.ServiceModel.OperationContractAttribute(Action="", ReplyAction="*")] + System.Threading.Tasks.Task printMyBeanAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request); + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class BulkUpdateCertificateStatusRequestType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string versionField; + + private RevokeReasonCodeEnum revocationReasonField; + + private bool revocationReasonFieldSpecified; + + private string commentField; + + private string[] certificateSerialNumberField; + + private string[] seatIdField; + + private string[] profileOIDField; + + private OperationTypeEnum operationTypeField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public RevokeReasonCodeEnum revocationReason { + get { + return this.revocationReasonField; + } + set { + this.revocationReasonField = value; + this.RaisePropertyChanged("revocationReason"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool revocationReasonSpecified { + get { + return this.revocationReasonFieldSpecified; + } + set { + this.revocationReasonFieldSpecified = value; + this.RaisePropertyChanged("revocationReasonSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public string comment { + get { + return this.commentField; + } + set { + this.commentField = value; + this.RaisePropertyChanged("comment"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute("certificateSerialNumber", IsNullable=true, Order=4)] + public string[] certificateSerialNumber { + get { + return this.certificateSerialNumberField; + } + set { + this.certificateSerialNumberField = value; + this.RaisePropertyChanged("certificateSerialNumber"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute("seatId", IsNullable=true, Order=5)] + public string[] seatId { + get { + return this.seatIdField; + } + set { + this.seatIdField = value; + this.RaisePropertyChanged("seatId"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute("profileOID", IsNullable=true, Order=6)] + public string[] profileOID { + get { + return this.profileOIDField; + } + set { + this.profileOIDField = value; + this.RaisePropertyChanged("profileOID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=7)] + public OperationTypeEnum operationType { + get { + return this.operationTypeField; + } + set { + this.operationTypeField = value; + this.RaisePropertyChanged("operationType"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=8)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public enum RevokeReasonCodeEnum { + + /// + Unspecified, + + /// + KeyCompromise, + + /// + CACompromise, + + /// + AffiliationChanged, + + /// + CessationOfOperation, + + /// + PrivilegeWithdrawn, + + /// + AACompromise, + + /// + Superseded, + + /// + CertificateHold, + + /// + RemoveFromCRL, + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public enum OperationTypeEnum { + + /// + Revoke, + + /// + Suspend, + + /// + Resume, + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class RequestKeyRecoveryResponseMessageType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string serverTransactionIDField; + + private int adminApprovalPendingCountField; + + private bool adminApprovalPendingCountFieldSpecified; + + private string pKCS12PasswordField; + + private string[] pKCS12MessageField; + + private string versionField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string serverTransactionID { + get { + return this.serverTransactionIDField; + } + set { + this.serverTransactionIDField = value; + this.RaisePropertyChanged("serverTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public int adminApprovalPendingCount { + get { + return this.adminApprovalPendingCountField; + } + set { + this.adminApprovalPendingCountField = value; + this.RaisePropertyChanged("adminApprovalPendingCount"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool adminApprovalPendingCountSpecified { + get { + return this.adminApprovalPendingCountFieldSpecified; + } + set { + this.adminApprovalPendingCountFieldSpecified = value; + this.RaisePropertyChanged("adminApprovalPendingCountSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public string pKCS12Password { + get { + return this.pKCS12PasswordField; + } + set { + this.pKCS12PasswordField = value; + this.RaisePropertyChanged("pKCS12Password"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute("pKCS12Message", Order=4)] + public string[] pKCS12Message { + get { + return this.pKCS12MessageField; + } + set { + this.pKCS12MessageField = value; + this.RaisePropertyChanged("pKCS12Message"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class RequestKeyRecoveryMessageType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string pKCS12PasswordField; + + private string certificateSerialNumberField; + + private string certificateIssuerField; + + private string adminIDField; + + private string versionField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string pKCS12Password { + get { + return this.pKCS12PasswordField; + } + set { + this.pKCS12PasswordField = value; + this.RaisePropertyChanged("pKCS12Password"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public string certificateSerialNumber { + get { + return this.certificateSerialNumberField; + } + set { + this.certificateSerialNumberField = value; + this.RaisePropertyChanged("certificateSerialNumber"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public string certificateIssuer { + get { + return this.certificateIssuerField; + } + set { + this.certificateIssuerField = value; + this.RaisePropertyChanged("certificateIssuer"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public string adminID { + get { + return this.adminIDField; + } + set { + this.adminIDField = value; + this.RaisePropertyChanged("adminID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class CertificateSearchResultType : object, System.ComponentModel.INotifyPropertyChanged { + + private byte[] certificateField; + + private string seatIdField; + + private string commonNameField; + + private string accountIdField; + + private string profileOIDField; + + private string emailAddressField; + + private CertificateStatusEnum statusField; + + private long revokeAtField; + + private bool revokeAtFieldSpecified; + + private RevokeReasonCodeEnum revokeReasonField; + + private bool revokeReasonFieldSpecified; + + private long validFromField; + + private long validToField; + + private string serialNumberField; + + private bool isEscrowedField; + + private string enrollmentNotesField; + + private string revokeCommentsField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(DataType="base64Binary", Order=0)] + public byte[] certificate { + get { + return this.certificateField; + } + set { + this.certificateField = value; + this.RaisePropertyChanged("certificate"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string seatId { + get { + return this.seatIdField; + } + set { + this.seatIdField = value; + this.RaisePropertyChanged("seatId"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public string commonName { + get { + return this.commonNameField; + } + set { + this.commonNameField = value; + this.RaisePropertyChanged("commonName"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public string accountId { + get { + return this.accountIdField; + } + set { + this.accountIdField = value; + this.RaisePropertyChanged("accountId"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public string profileOID { + get { + return this.profileOIDField; + } + set { + this.profileOIDField = value; + this.RaisePropertyChanged("profileOID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(IsNullable=true, Order=5)] + public string emailAddress { + get { + return this.emailAddressField; + } + set { + this.emailAddressField = value; + this.RaisePropertyChanged("emailAddress"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=6)] + public CertificateStatusEnum status { + get { + return this.statusField; + } + set { + this.statusField = value; + this.RaisePropertyChanged("status"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=7)] + public long revokeAt { + get { + return this.revokeAtField; + } + set { + this.revokeAtField = value; + this.RaisePropertyChanged("revokeAt"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool revokeAtSpecified { + get { + return this.revokeAtFieldSpecified; + } + set { + this.revokeAtFieldSpecified = value; + this.RaisePropertyChanged("revokeAtSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=8)] + public RevokeReasonCodeEnum revokeReason { + get { + return this.revokeReasonField; + } + set { + this.revokeReasonField = value; + this.RaisePropertyChanged("revokeReason"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool revokeReasonSpecified { + get { + return this.revokeReasonFieldSpecified; + } + set { + this.revokeReasonFieldSpecified = value; + this.RaisePropertyChanged("revokeReasonSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=9)] + public long validFrom { + get { + return this.validFromField; + } + set { + this.validFromField = value; + this.RaisePropertyChanged("validFrom"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=10)] + public long validTo { + get { + return this.validToField; + } + set { + this.validToField = value; + this.RaisePropertyChanged("validTo"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=11)] + public string serialNumber { + get { + return this.serialNumberField; + } + set { + this.serialNumberField = value; + this.RaisePropertyChanged("serialNumber"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=12)] + public bool isEscrowed { + get { + return this.isEscrowedField; + } + set { + this.isEscrowedField = value; + this.RaisePropertyChanged("isEscrowed"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(IsNullable=true, Order=13)] + public string enrollmentNotes { + get { + return this.enrollmentNotesField; + } + set { + this.enrollmentNotesField = value; + this.RaisePropertyChanged("enrollmentNotes"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(IsNullable=true, Order=14)] + public string revokeComments { + get { + return this.revokeCommentsField; + } + set { + this.revokeCommentsField = value; + this.RaisePropertyChanged("revokeComments"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=15)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public enum CertificateStatusEnum { + + /// + VALID, + + /// + EXPIRED, + + /// + REVOKED, + + /// + SUSPENDED, + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class SearchCertificateResponseType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string serverTransactionIDField; + + private int certificateCountField; + + private CertificateSearchResultType[] certificateListField; + + private bool moreCertificateAvailableField; + + private bool moreCertificateAvailableFieldSpecified; + + private string versionField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string serverTransactionID { + get { + return this.serverTransactionIDField; + } + set { + this.serverTransactionIDField = value; + this.RaisePropertyChanged("serverTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public int certificateCount { + get { + return this.certificateCountField; + } + set { + this.certificateCountField = value; + this.RaisePropertyChanged("certificateCount"); + } + } + + /// + [System.Xml.Serialization.XmlArrayAttribute(Order=3)] + [System.Xml.Serialization.XmlArrayItemAttribute("certificateInformation", IsNullable=false)] + public CertificateSearchResultType[] certificateList { + get { + return this.certificateListField; + } + set { + this.certificateListField = value; + this.RaisePropertyChanged("certificateList"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public bool moreCertificateAvailable { + get { + return this.moreCertificateAvailableField; + } + set { + this.moreCertificateAvailableField = value; + this.RaisePropertyChanged("moreCertificateAvailable"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool moreCertificateAvailableSpecified { + get { + return this.moreCertificateAvailableFieldSpecified; + } + set { + this.moreCertificateAvailableFieldSpecified = value; + this.RaisePropertyChanged("moreCertificateAvailableSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class SearchCertificateRequestType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string seatIdField; + + private string accountIdField; + + private string profileOIDField; + + private string commonNameField; + + private CertificateStatusEnum statusField; + + private bool statusFieldSpecified; + + private string emailAddressField; + + private string serialNumberField; + + private byte[] issuingCAField; + + private long validFromField; + + private bool validFromFieldSpecified; + + private long validToField; + + private bool validToFieldSpecified; + + private int startIndexField; + + private bool startIndexFieldSpecified; + + private string versionField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string seatId { + get { + return this.seatIdField; + } + set { + this.seatIdField = value; + this.RaisePropertyChanged("seatId"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public string accountId { + get { + return this.accountIdField; + } + set { + this.accountIdField = value; + this.RaisePropertyChanged("accountId"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public string profileOID { + get { + return this.profileOIDField; + } + set { + this.profileOIDField = value; + this.RaisePropertyChanged("profileOID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public string commonName { + get { + return this.commonNameField; + } + set { + this.commonNameField = value; + this.RaisePropertyChanged("commonName"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public CertificateStatusEnum status { + get { + return this.statusField; + } + set { + this.statusField = value; + this.RaisePropertyChanged("status"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool statusSpecified { + get { + return this.statusFieldSpecified; + } + set { + this.statusFieldSpecified = value; + this.RaisePropertyChanged("statusSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=6)] + public string emailAddress { + get { + return this.emailAddressField; + } + set { + this.emailAddressField = value; + this.RaisePropertyChanged("emailAddress"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=7)] + public string serialNumber { + get { + return this.serialNumberField; + } + set { + this.serialNumberField = value; + this.RaisePropertyChanged("serialNumber"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(DataType="base64Binary", Order=8)] + public byte[] issuingCA { + get { + return this.issuingCAField; + } + set { + this.issuingCAField = value; + this.RaisePropertyChanged("issuingCA"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=9)] + public long validFrom { + get { + return this.validFromField; + } + set { + this.validFromField = value; + this.RaisePropertyChanged("validFrom"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool validFromSpecified { + get { + return this.validFromFieldSpecified; + } + set { + this.validFromFieldSpecified = value; + this.RaisePropertyChanged("validFromSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=10)] + public long validTo { + get { + return this.validToField; + } + set { + this.validToField = value; + this.RaisePropertyChanged("validTo"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool validToSpecified { + get { + return this.validToFieldSpecified; + } + set { + this.validToFieldSpecified = value; + this.RaisePropertyChanged("validToSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=11)] + public int startIndex { + get { + return this.startIndexField; + } + set { + this.startIndexField = value; + this.RaisePropertyChanged("startIndex"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool startIndexSpecified { + get { + return this.startIndexFieldSpecified; + } + set { + this.startIndexFieldSpecified = value; + this.RaisePropertyChanged("startIndexSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=12)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=13)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class UpdateCertificateStatusResponseType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string serverTransactionIDField; + + private string versionField; + + private int successCodeField; + + private string successMsgField; + + private int revocationCountField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string serverTransactionID { + get { + return this.serverTransactionIDField; + } + set { + this.serverTransactionIDField = value; + this.RaisePropertyChanged("serverTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public int successCode { + get { + return this.successCodeField; + } + set { + this.successCodeField = value; + this.RaisePropertyChanged("successCode"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public string successMsg { + get { + return this.successMsgField; + } + set { + this.successMsgField = value; + this.RaisePropertyChanged("successMsg"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public int revocationCount { + get { + return this.revocationCountField; + } + set { + this.revocationCountField = value; + this.RaisePropertyChanged("revocationCount"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class UpdateCertificateStatusRequestType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string versionField; + + private string certificateIssuerField; + + private RevokeReasonCodeEnum revocationReasonField; + + private bool revocationReasonFieldSpecified; + + private string challengeField; + + private string commentField; + + private string certificateSerialNumberField; + + private string seatIdField; + + private OperationTypeEnum operationTypeField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public string certificateIssuer { + get { + return this.certificateIssuerField; + } + set { + this.certificateIssuerField = value; + this.RaisePropertyChanged("certificateIssuer"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public RevokeReasonCodeEnum revocationReason { + get { + return this.revocationReasonField; + } + set { + this.revocationReasonField = value; + this.RaisePropertyChanged("revocationReason"); + } + } + + /// + [System.Xml.Serialization.XmlIgnoreAttribute()] + public bool revocationReasonSpecified { + get { + return this.revocationReasonFieldSpecified; + } + set { + this.revocationReasonFieldSpecified = value; + this.RaisePropertyChanged("revocationReasonSpecified"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public string challenge { + get { + return this.challengeField; + } + set { + this.challengeField = value; + this.RaisePropertyChanged("challenge"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public string comment { + get { + return this.commentField; + } + set { + this.commentField = value; + this.RaisePropertyChanged("comment"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=6)] + public string certificateSerialNumber { + get { + return this.certificateSerialNumberField; + } + set { + this.certificateSerialNumberField = value; + this.RaisePropertyChanged("certificateSerialNumber"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=7)] + public string seatId { + get { + return this.seatIdField; + } + set { + this.seatIdField = value; + this.RaisePropertyChanged("seatId"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=8)] + public OperationTypeEnum operationType { + get { + return this.operationTypeField; + } + set { + this.operationTypeField = value; + this.RaisePropertyChanged("operationType"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=9)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + /// + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")] + [System.SerializableAttribute()] + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.ComponentModel.DesignerCategoryAttribute("code")] + [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")] + public partial class BulkUpdateCertificateStatusResponseType : object, System.ComponentModel.INotifyPropertyChanged { + + private string clientTransactionIDField; + + private string serverTransactionIDField; + + private string versionField; + + private int successCodeField; + + private string successMsgField; + + private int revocationCountField; + + private System.Xml.XmlElement[] anyField; + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=0)] + public string clientTransactionID { + get { + return this.clientTransactionIDField; + } + set { + this.clientTransactionIDField = value; + this.RaisePropertyChanged("clientTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=1)] + public string serverTransactionID { + get { + return this.serverTransactionIDField; + } + set { + this.serverTransactionIDField = value; + this.RaisePropertyChanged("serverTransactionID"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=2)] + public string version { + get { + return this.versionField; + } + set { + this.versionField = value; + this.RaisePropertyChanged("version"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=3)] + public int successCode { + get { + return this.successCodeField; + } + set { + this.successCodeField = value; + this.RaisePropertyChanged("successCode"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=4)] + public string successMsg { + get { + return this.successMsgField; + } + set { + this.successMsgField = value; + this.RaisePropertyChanged("successMsg"); + } + } + + /// + [System.Xml.Serialization.XmlElementAttribute(Order=5)] + public int revocationCount { + get { + return this.revocationCountField; + } + set { + this.revocationCountField = value; + this.RaisePropertyChanged("revocationCount"); + } + } + + /// + [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)] + public System.Xml.XmlElement[] Any { + get { + return this.anyField; + } + set { + this.anyField = value; + this.RaisePropertyChanged("Any"); + } + } + + public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged; + + protected void RaisePropertyChanged(string propertyName) { + System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged; + if ((propertyChanged != null)) { + propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName)); + } + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class bulkUpdateCertificateStatusRequest { + + [System.ServiceModel.MessageBodyMemberAttribute(Name="bulkUpdateCertificateStatusRequest", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1; + + public bulkUpdateCertificateStatusRequest() { + } + + public bulkUpdateCertificateStatusRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1) { + this.bulkUpdateCertificateStatusRequest1 = bulkUpdateCertificateStatusRequest1; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class bulkUpdateCertificateStatusResponse { + + [System.ServiceModel.MessageBodyMemberAttribute(Name="bulkUpdateCertificateStatusResponse", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType bulkUpdateCertificateStatusResponse1; + + public bulkUpdateCertificateStatusResponse() { + } + + public bulkUpdateCertificateStatusResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType bulkUpdateCertificateStatusResponse1) { + this.bulkUpdateCertificateStatusResponse1 = bulkUpdateCertificateStatusResponse1; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class updateCertificateStatusRequest { + + [System.ServiceModel.MessageBodyMemberAttribute(Name="updateCertificateStatusRequest", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1; + + public updateCertificateStatusRequest() { + } + + public updateCertificateStatusRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1) { + this.updateCertificateStatusRequest1 = updateCertificateStatusRequest1; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class updateCertificateStatusResponse { + + [System.ServiceModel.MessageBodyMemberAttribute(Name="updateCertificateStatusResponse", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType updateCertificateStatusResponse1; + + public updateCertificateStatusResponse() { + } + + public updateCertificateStatusResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType updateCertificateStatusResponse1) { + this.updateCertificateStatusResponse1 = updateCertificateStatusResponse1; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class searchCertificateRequest { + + [System.ServiceModel.MessageBodyMemberAttribute(Name="searchCertificateRequest", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1; + + public searchCertificateRequest() { + } + + public searchCertificateRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1) { + this.searchCertificateRequest1 = searchCertificateRequest1; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class searchCertificateResponse { + + [System.ServiceModel.MessageBodyMemberAttribute(Name="searchCertificateResponse", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType searchCertificateResponse1; + + public searchCertificateResponse() { + } + + public searchCertificateResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType searchCertificateResponse1) { + this.searchCertificateResponse1 = searchCertificateResponse1; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class keyRecoveryRequest { + + [System.ServiceModel.MessageBodyMemberAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage; + + public keyRecoveryRequest() { + } + + public keyRecoveryRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage) { + this.requestKeyRecoveryMessage = requestKeyRecoveryMessage; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class keyRecoveryResponse { + + [System.ServiceModel.MessageBodyMemberAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)] + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType requestKeyRecoveryResponseMessage; + + public keyRecoveryResponse() { + } + + public keyRecoveryResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType requestKeyRecoveryResponseMessage) { + this.requestKeyRecoveryResponseMessage = requestKeyRecoveryResponseMessage; + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class printMyBeanRequest { + + public printMyBeanRequest() { + } + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + [System.ServiceModel.MessageContractAttribute(IsWrapped=false)] + public partial class printMyBeanResponse { + + public printMyBeanResponse() { + } + } + + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + public interface CertificateManagementOperationsChannel : Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations, System.ServiceModel.IClientChannel { + } + + [System.Diagnostics.DebuggerStepThroughAttribute()] + [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] + public partial class CertificateManagementOperationsClient : System.ServiceModel.ClientBase, Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations { + + public CertificateManagementOperationsClient() { + } + + public CertificateManagementOperationsClient(string endpointConfigurationName) : + base(endpointConfigurationName) { + } + + public CertificateManagementOperationsClient(string endpointConfigurationName, string remoteAddress) : + base(endpointConfigurationName, remoteAddress) { + } + + public CertificateManagementOperationsClient(string endpointConfigurationName, System.ServiceModel.EndpointAddress remoteAddress) : + base(endpointConfigurationName, remoteAddress) { + } + + public CertificateManagementOperationsClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress) : + base(binding, remoteAddress) { + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.bulkUpdateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request) { + return base.Channel.bulkUpdateCertificateStatus(request); + } + + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType bulkUpdateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest(); + inValue.bulkUpdateCertificateStatusRequest1 = bulkUpdateCertificateStatusRequest1; + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).bulkUpdateCertificateStatus(inValue); + return retVal.bulkUpdateCertificateStatusResponse1; + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + System.Threading.Tasks.Task Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.bulkUpdateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request) { + return base.Channel.bulkUpdateCertificateStatusAsync(request); + } + + public System.Threading.Tasks.Task bulkUpdateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest(); + inValue.bulkUpdateCertificateStatusRequest1 = bulkUpdateCertificateStatusRequest1; + return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).bulkUpdateCertificateStatusAsync(inValue); + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.updateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request) { + return base.Channel.updateCertificateStatus(request); + } + + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType updateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest(); + inValue.updateCertificateStatusRequest1 = updateCertificateStatusRequest1; + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).updateCertificateStatus(inValue); + return retVal.updateCertificateStatusResponse1; + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + System.Threading.Tasks.Task Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.updateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request) { + return base.Channel.updateCertificateStatusAsync(request); + } + + public System.Threading.Tasks.Task updateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest(); + inValue.updateCertificateStatusRequest1 = updateCertificateStatusRequest1; + return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).updateCertificateStatusAsync(inValue); + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.searchCertificate(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request) { + return base.Channel.searchCertificate(request); + } + + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType searchCertificate(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest(); + inValue.searchCertificateRequest1 = searchCertificateRequest1; + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).searchCertificate(inValue); + return retVal.searchCertificateResponse1; + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + System.Threading.Tasks.Task Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.searchCertificateAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request) { + return base.Channel.searchCertificateAsync(request); + } + + public System.Threading.Tasks.Task searchCertificateAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest(); + inValue.searchCertificateRequest1 = searchCertificateRequest1; + return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).searchCertificateAsync(inValue); + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.keyRecovery(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request) { + return base.Channel.keyRecovery(request); + } + + public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType keyRecovery(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest(); + inValue.requestKeyRecoveryMessage = requestKeyRecoveryMessage; + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).keyRecovery(inValue); + return retVal.requestKeyRecoveryResponseMessage; + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + System.Threading.Tasks.Task Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.keyRecoveryAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request) { + return base.Channel.keyRecoveryAsync(request); + } + + public System.Threading.Tasks.Task keyRecoveryAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage) { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest(); + inValue.requestKeyRecoveryMessage = requestKeyRecoveryMessage; + return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).keyRecoveryAsync(inValue); + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.printMyBean(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request) { + return base.Channel.printMyBean(request); + } + + public void printMyBean() { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest(); + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).printMyBean(inValue); + } + + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)] + System.Threading.Tasks.Task Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.printMyBeanAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request) { + return base.Channel.printMyBeanAsync(request); + } + + public System.Threading.Tasks.Task printMyBeanAsync() { + Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest(); + return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).printMyBeanAsync(inValue); + } + } +} diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap new file mode 100644 index 0000000..11bda57 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap @@ -0,0 +1,32 @@ + + + + false + true + true + + false + false + false + + + true + Auto + true + true + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl new file mode 100644 index 0000000..c49a813 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl @@ -0,0 +1,109 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd new file mode 100644 index 0000000..8fc7dcb --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd @@ -0,0 +1,165 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo new file mode 100644 index 0000000..63ad000 --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo @@ -0,0 +1,11 @@ + + + + + + + + + + + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo new file mode 100644 index 0000000..b49166e --- /dev/null +++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo @@ -0,0 +1,310 @@ + + + + + + + certificateManagementServiceSOAPBinding + + + + + + + + + + + + + + + + + + + + + StrongWildcard + + + + + + 65536 + + + + + + + + + System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement + + + 0 + + + 0 + + + 0 + + + 0 + + + 0 + + + System.Text.UTF8Encoding + + + Buffered + + + + + + Text + + + System.ServiceModel.Configuration.BasicHttpSecurityElement + + + Transport + + + System.ServiceModel.Configuration.HttpTransportSecurityElement + + + None + + + None + + + System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement + + + Never + + + TransportSelected + + + (Collection) + + + + + + System.ServiceModel.Configuration.BasicHttpMessageSecurityElement + + + UserName + + + Default + + + + + + + certificateManagementServiceSOAPBinding1 + + + + + + + + + + + + + + + + + + + + + StrongWildcard + + + + + + 65536 + + + + + + + + + System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement + + + 0 + + + 0 + + + 0 + + + 0 + + + 0 + + + System.Text.UTF8Encoding + + + Buffered + + + + + + Text + + + System.ServiceModel.Configuration.BasicHttpSecurityElement + + + None + + + System.ServiceModel.Configuration.HttpTransportSecurityElement + + + None + + + None + + + System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement + + + Never + + + TransportSelected + + + (Collection) + + + + + + System.ServiceModel.Configuration.BasicHttpMessageSecurityElement + + + UserName + + + Default + + + + + + + + + https://pki-ws.symauth.com:443/pki-ws/certificateManagementService + + + + + + basicHttpBinding + + + certificateManagementServiceSOAPBinding + + + DigicertMPKISOAP.CertificateManagementOperations + + + System.ServiceModel.Configuration.AddressHeaderCollectionElement + + + <Header /> + + + System.ServiceModel.Configuration.IdentityElement + + + System.ServiceModel.Configuration.UserPrincipalNameElement + + + + + + System.ServiceModel.Configuration.ServicePrincipalNameElement + + + + + + System.ServiceModel.Configuration.DnsElement + + + + + + System.ServiceModel.Configuration.RsaElement + + + + + + System.ServiceModel.Configuration.CertificateElement + + + + + + System.ServiceModel.Configuration.CertificateReferenceElement + + + My + + + LocalMachine + + + FindBySubjectDistinguishedName + + + + + + False + + + certificateManagementServiceSOAP + + + + + + + + + + + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Constants.cs b/DigiCertSymCaProxy/Constants.cs index 1932241..3c80669 100644 --- a/DigiCertSymCaProxy/Constants.cs +++ b/DigiCertSymCaProxy/Constants.cs @@ -8,6 +8,8 @@ public class Constants public static string KeyfactorApiUrl = "KeyfactorApiUrl"; public static string KeyfactorApiUserId = "KeyfactorApiUserId"; public static string KeyfactorApiPassword = "KeyfactorApiPassword"; - public static string SeatList = "SeatList"; + public static string EndpointAddress = "EndpointAddress"; + public static string ClientCertificateLocation = "ClientCertificateLocation"; + public static string ClientCertificatePassword = "ClientCertificatePassword"; } } \ No newline at end of file diff --git a/DigiCertSymCaProxy/DigiCertSymProxy.cs b/DigiCertSymCaProxy/DigiCertSymProxy.cs index 8b00892..bb8ada6 100644 --- a/DigiCertSymCaProxy/DigiCertSymProxy.cs +++ b/DigiCertSymCaProxy/DigiCertSymProxy.cs @@ -1,175 +1,210 @@ -using System; -using System.Collections.Concurrent; -using System.Collections.Generic; -using System.Threading; -using System.Threading.Tasks; -using CAProxy.AnyGateway; -using CAProxy.AnyGateway.Interfaces; -using CAProxy.AnyGateway.Models; -using CAProxy.Common; -using CSS.Common.Logging; -using CSS.PKI; -using Keyfactor.AnyGateway.DigiCertSym.Client; -using Keyfactor.AnyGateway.DigiCertSym.Client.Models; -using Keyfactor.AnyGateway.DigiCertSym.Interfaces; -using Newtonsoft.Json; - -namespace Keyfactor.AnyGateway.DigiCertSym -{ - public class DigiCertSymProxy : BaseCAConnector - { - private RequestManager _requestManager; - - public DigiCertSymProxy() - { - } - - private IDigiCertSymClient DigiCertSymClient { get; set; } - - - public override int Revoke(string caRequestId, string hexSerialNumber, uint revocationReason) - { - try - { - Logger.Trace("Staring Revoke Method"); - var revokeRequest = _requestManager.GetRevokeRequest(revocationReason); - - var revokeResponse = - Task.Run(async () => - await DigiCertSymClient.SubmitRevokeCertificateAsync(hexSerialNumber, revokeRequest)) - .Result; - - Logger.Trace($"Revoke Response JSON: {JsonConvert.SerializeObject(revokeResponse)}"); - - var revokeResult = _requestManager.GetRevokeResult(revokeResponse); - - if (revokeResult == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.FAILED)) - throw new Exception("Revoke failed"); - - return revokeResult; - } - catch (Exception e) - { - Logger.Error($"Revoke Error Occurred: {e.Message}"); - throw; - } - } - - [Obsolete] - public override void Synchronize(ICertificateDataReader certificateDataReader, - BlockingCollection blockingBuffer, - CertificateAuthoritySyncInfo certificateAuthoritySyncInfo, CancellationToken cancelToken, - string logicalName) - { - } - - public override void Synchronize(ICertificateDataReader certificateDataReader, - BlockingCollection blockingBuffer, - CertificateAuthoritySyncInfo certificateAuthoritySyncInfo, - CancellationToken cancelToken) - { - try - { - var certs = new BlockingCollection(100); - DigiCertSymClient.SubmitQueryOrderRequestAsync(certs, cancelToken, _requestManager); - - foreach (var currentResponseItem in certs.GetConsumingEnumerable(cancelToken)) - { - if (cancelToken.IsCancellationRequested) - { - Logger.Error("Synchronize was canceled."); - break; - } - - try - { - Logger.Trace($"Took Certificate ID {currentResponseItem?.SerialNumber} from Queue"); - - var certStatus = _requestManager.MapReturnStatus(currentResponseItem?.Status); - - //Keyfactor sync only seems to work when there is a valid cert and I can only get Active valid certs from SSLStore - if (certStatus == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.ISSUED) || certStatus == - Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.REVOKED)) - { - - blockingBuffer.Add(new CAConnectorCertificate - { - CARequestID = - $"{currentResponseItem?.SerialNumber}", - Certificate = currentResponseItem?.Certificate, - SubmissionDate = Convert.ToDateTime(currentResponseItem?.ValidFrom), - Status = certStatus, - ProductID = $"{currentResponseItem?.Profile.Id}" - }, cancelToken); - } - } - catch (OperationCanceledException) - { - Logger.Error("Synchronize was canceled."); - break; - } - } - } - catch (AggregateException aggEx) - { - Logger.Error("SslStore Synchronize Task failed!"); - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - // ReSharper disable once PossibleIntendedRethrow - throw aggEx; - } - - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - } - - [Obsolete] - public override EnrollmentResult Enroll(string csr, string subject, Dictionary san, - EnrollmentProductInfo productInfo, - PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType) - { - return null; - } - - public override EnrollmentResult Enroll(ICertificateDataReader certificateDataReader, string csr, - string subject, Dictionary san, EnrollmentProductInfo productInfo, - PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType) - { - Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); - - EnrollmentRequest enrollmentRequest; - EnrollmentRequest renewRequest; - - try - { - switch (enrollmentType) - { - case RequestUtilities.EnrollmentType.New: - Logger.Trace("Entering New Enrollment"); - //If they renewed an expired cert it gets here and this will not be supported - IEnrollmentResponse enrollmentResponse; - - enrollmentRequest = _requestManager.GetEnrollmentRequest(productInfo, csr, san); - Logger.Trace($"Enrollment Request JSON: {JsonConvert.SerializeObject(enrollmentRequest)}"); - enrollmentResponse = - Task.Run(async () => await DigiCertSymClient.SubmitEnrollmentAsync(enrollmentRequest)) - .Result; - - if (enrollmentResponse?.Result == null) - return new EnrollmentResult - { - Status = 30, //failure - StatusMessage = - $"Enrollment Failed: {_requestManager.FlattenErrors(enrollmentResponse?.RegistrationError.Errors)}" - }; - - - Logger.Trace($"Enrollment Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}"); - - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - return _requestManager.GetEnrollmentResult(enrollmentResponse); - case RequestUtilities.EnrollmentType.Renew: - case RequestUtilities.EnrollmentType.Reissue: +using System; +using System.Collections.Concurrent; +using System.Collections.Generic; +using System.IO; +using System.Text; +using System.Threading; +using System.Threading.Tasks; +using System.Xml.Serialization; +using CAProxy.AnyGateway; +using CAProxy.AnyGateway.Interfaces; +using CAProxy.AnyGateway.Models; +using CAProxy.AnyGateway.Models.Configuration; +using CAProxy.Common; +using CSS.Common.Logging; +using CSS.PKI; +using Keyfactor.AnyGateway.DigiCertSym.Client; +using Keyfactor.AnyGateway.DigiCertSym.Client.Models; +using Keyfactor.AnyGateway.DigiCertSym.Interfaces; +using Newtonsoft.Json; + +namespace Keyfactor.AnyGateway.DigiCertSym +{ + public class DigiCertSymProxy : BaseCAConnector + { + private RequestManager _requestManager; + + private IDigiCertSymClient DigiCertSymClient { get; set; } + + private Dictionary Templates { get; set; } + + + public override int Revoke(string caRequestId, string hexSerialNumber, uint revocationReason) + { + try + { + Logger.Trace("Staring Revoke Method"); + var revokeRequest = _requestManager.GetRevokeRequest(revocationReason); + + var revokeResponse = + Task.Run(async () => + await DigiCertSymClient.SubmitRevokeCertificateAsync(hexSerialNumber, revokeRequest)) + .Result; + + Logger.Trace($"Revoke Response JSON: {JsonConvert.SerializeObject(revokeResponse)}"); + + var revokeResult = _requestManager.GetRevokeResult(revokeResponse); + + if (revokeResult == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.FAILED)) + throw new Exception("Revoke failed"); + + return revokeResult; + } + catch (Exception e) + { + Logger.Error($"Revoke Error Occurred: {e.Message}"); + throw; + } + } + + [Obsolete] + public override void Synchronize(ICertificateDataReader certificateDataReader, + BlockingCollection blockingBuffer, + CertificateAuthoritySyncInfo certificateAuthoritySyncInfo, CancellationToken cancelToken, + string logicalName) + { + } + + public override void Synchronize(ICertificateDataReader certificateDataReader, + BlockingCollection blockingBuffer, + CertificateAuthoritySyncInfo certificateAuthoritySyncInfo, + CancellationToken cancelToken) + { + try + { + //Loop through all the Digicert Profile OIDs that are setup in the config file + foreach (var productModel in Templates.Values) + { + + var pageCounter = 0; + var pageSize = 50; + var result = DigiCertSymClient.SubmitQueryOrderRequest(_requestManager, productModel, pageCounter); + var totalResults = result.certificateCount; + var totalPages = (totalResults + pageSize-1)/pageSize; + + Logger.Trace($"Product Model {productModel} Total Results {totalResults}, Total Pages {totalPages}"); + + if (result.certificateCount > 0) + { + for (var i = 0; i < totalPages; i++) + { + //If you need multiple pages make the request again + if (pageCounter > 0) + { + result = DigiCertSymClient.SubmitQueryOrderRequest(_requestManager, productModel, + pageCounter); + } + + XmlSerializer x = new XmlSerializer(result.GetType()); + TextWriter tw = new StringWriter(); + x.Serialize(tw, result); + Logger.Trace($"Raw Search Cert Soap Response {tw}"); + + foreach (var currentResponseItem in result.certificateList) + { + try + { + Logger.Trace($"Took Certificate ID {currentResponseItem?.serialNumber} from Queue"); + + if (currentResponseItem != null) + { + var certStatus = _requestManager.MapReturnStatus(currentResponseItem.status); + Logger.Trace($"Certificate Status {certStatus}"); + + DateTime dateTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc); + + //Keyfactor sync only seems to work when there is a valid cert and I can only get Active valid certs from SSLStore + if (certStatus == + Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.ISSUED) || + certStatus == + Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.REVOKED)) + { + + blockingBuffer.Add(new CAConnectorCertificate + { + CARequestID = + $"{currentResponseItem.serialNumber}", + Certificate = Encoding.UTF8.GetString(currentResponseItem.certificate ?? + Array.Empty()), + SubmissionDate = dateTime.AddSeconds(currentResponseItem.validFrom) + .ToLocalTime(), + Status = certStatus, + ProductID = $"{currentResponseItem.profileOID}" + }, cancelToken); + } + } + } + catch (OperationCanceledException e) + { + Logger.Error($"Synchronize was canceled. {e.Message}"); + break; + } + } + pageCounter += pageSize; + } + } + } + } + catch (AggregateException aggEx) + { + Logger.Error("Digicert mPKI Synchronize Task failed!"); + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + // ReSharper disable once PossibleIntendedRethrow + throw aggEx; + } + + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + } + + [Obsolete] + public override EnrollmentResult Enroll(string csr, string subject, Dictionary san, + EnrollmentProductInfo productInfo, + PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType) + { + return null; + } + + public override EnrollmentResult Enroll(ICertificateDataReader certificateDataReader, string csr, + string subject, Dictionary san, EnrollmentProductInfo productInfo, + PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType) + { + Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); + + EnrollmentRequest enrollmentRequest; + EnrollmentRequest renewRequest; + + try + { + switch (enrollmentType) + { + case RequestUtilities.EnrollmentType.New: + Logger.Trace("Entering New Enrollment"); + //If they renewed an expired cert it gets here and this will not be supported + IEnrollmentResponse enrollmentResponse; + + enrollmentRequest = _requestManager.GetEnrollmentRequest(productInfo, csr, san); + Logger.Trace($"Enrollment Request JSON: {JsonConvert.SerializeObject(enrollmentRequest)}"); + enrollmentResponse = + Task.Run(async () => await DigiCertSymClient.SubmitEnrollmentAsync(enrollmentRequest)) + .Result; + + if (enrollmentResponse?.Result == null) + return new EnrollmentResult + { + Status = 30, //failure + StatusMessage = + $"Enrollment Failed: {_requestManager.FlattenErrors(enrollmentResponse?.RegistrationError.Errors)}" + }; + + + Logger.Trace($"Enrollment Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}"); + + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + return _requestManager.GetEnrollmentResult(enrollmentResponse); + case RequestUtilities.EnrollmentType.Renew: + case RequestUtilities.EnrollmentType.Reissue: Logger.Trace("Entering Renew Enrollment"); - Logger.Trace("Checking To Make sure it is not one click renew (not supported)"); + Logger.Trace("Checking To Make sure it is not one click renew (not supported)"); //KeyFactor needs a better way to detect one click renewals, some flag or something if (productInfo.ProductParameters.Count > 7) { @@ -188,10 +223,10 @@ await DigiCertSymClient.SubmitRenewalAsync(priorCertSn, renewRequest)) StatusMessage = $"Enrollment Failed {_requestManager.FlattenErrors(renewResponse?.RegistrationError.Errors)}" }; - + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - return _requestManager.GetRenewResponse(renewResponse); - } + return _requestManager.GetRenewResponse(renewResponse); + } else { return new EnrollmentResult @@ -200,82 +235,85 @@ await DigiCertSymClient.SubmitRenewalAsync(priorCertSn, renewRequest)) StatusMessage = "One Click Renew is not available for this integration. Need to specify validity and seat enrollment params." }; - } - - } - - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - return null; - } - catch (Exception e) - { - Logger.Error($"Enrollment Error Occurred: {e.Message}"); - throw; - } - } - - - public override CAConnectorCertificate GetSingleRecord(string caRequestId) - { - try - { - Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); - var keyfactorCaId = caRequestId; - Logger.Trace($"Keyfactor Ca Id: {keyfactorCaId}"); - var certificateResponse = - Task.Run(async () => await DigiCertSymClient.SubmitGetCertificateAsync(keyfactorCaId)) - .Result; - - Logger.Trace($"Single Cert JSON: {JsonConvert.SerializeObject(certificateResponse)}"); - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - return new CAConnectorCertificate - { - CARequestID = keyfactorCaId, - Certificate = certificateResponse.Result.Certificate, - Status = _requestManager.MapReturnStatus(certificateResponse.Result.Status), - SubmissionDate = Convert.ToDateTime(certificateResponse.Result.ValidFrom) - }; - } - catch (Exception e) - { - Logger.Error($"GetSingleRecord Error Occurred: {e.Message}"); - throw; - } - } - - public override void Initialize(ICAConnectorConfigProvider configProvider) - { - try - { - Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); - _requestManager = new RequestManager - { - DnsConstantName = configProvider.CAConnectionData["DnsConstantName"].ToString(), - UpnConstantName = configProvider.CAConnectionData["UpnConstantName"].ToString(), - IpConstantName = configProvider.CAConnectionData["IpConstantName"].ToString(), - EmailConstantName = configProvider.CAConnectionData["EmailConstantName"].ToString() - }; - DigiCertSymClient = new DigiCertSymClient(configProvider); - Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); - } - catch (Exception e) - { - Logger.Error($"Initialize Error Occurred: {e.Message}"); - throw; - } - } - - public override void Ping() - { - } - - public override void ValidateCAConnectionInfo(Dictionary connectionInfo) - { - } - - public override void ValidateProductInfo(EnrollmentProductInfo productInfo, - Dictionary connectionInfo) - { - } - } + } + + } + + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + return null; + } + catch (Exception e) + { + Logger.Error($"Enrollment Error Occurred: {e.Message}"); + throw; + } + } + + + public override CAConnectorCertificate GetSingleRecord(string caRequestId) + { + try + { + Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); + var keyfactorCaId = caRequestId; + Logger.Trace($"Keyfactor Ca Id: {keyfactorCaId}"); + var certificateResponse = + Task.Run(async () => await DigiCertSymClient.SubmitGetCertificateAsync(keyfactorCaId)) + .Result; + + Logger.Trace($"Single Cert JSON: {JsonConvert.SerializeObject(certificateResponse)}"); + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + return new CAConnectorCertificate + { + CARequestID = keyfactorCaId, + Certificate = certificateResponse.Result.Certificate, + Status = _requestManager.MapReturnStatus(certificateResponse.Result.Status), + SubmissionDate = Convert.ToDateTime(certificateResponse.Result.ValidFrom) + }; + } + catch (Exception e) + { + Logger.Error($"GetSingleRecord Error Occurred: {e.Message}"); + throw; + } + } + + public override void Initialize(ICAConnectorConfigProvider configProvider) + { + try + { + Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug); + var config = (CAConfig)configProvider; + _requestManager = new RequestManager + { + + DnsConstantName = configProvider.CAConnectionData["DnsConstantName"].ToString(), + UpnConstantName = configProvider.CAConnectionData["UpnConstantName"].ToString(), + IpConstantName = configProvider.CAConnectionData["IpConstantName"].ToString(), + EmailConstantName = configProvider.CAConnectionData["EmailConstantName"].ToString() + }; + DigiCertSymClient = new DigiCertSymClient(config); + Templates = config.Config.Templates; + Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug); + } + catch (Exception e) + { + Logger.Error($"Initialize Error Occurred: {e.Message}"); + throw; + } + } + + public override void Ping() + { + } + + public override void ValidateCAConnectionInfo(Dictionary connectionInfo) + { + } + + public override void ValidateProductInfo(EnrollmentProductInfo productInfo, + Dictionary connectionInfo) + { + } + } } \ No newline at end of file diff --git a/DigiCertSymCaProxy/DigiCertSymProxy.csproj b/DigiCertSymCaProxy/DigiCertSymProxy.csproj index 3712fbc..a8cb8e2 100644 --- a/DigiCertSymCaProxy/DigiCertSymProxy.csproj +++ b/DigiCertSymCaProxy/DigiCertSymProxy.csproj @@ -68,6 +68,7 @@ + packages\System.Security.Cryptography.Algorithms.4.3.1\lib\net461\System.Security.Cryptography.Algorithms.dll @@ -78,6 +79,8 @@ packages\System.Security.Cryptography.Primitives.4.3.0\lib\net46\System.Security.Cryptography.Primitives.dll + + @@ -88,6 +91,11 @@ + + True + True + Reference.svcmap + @@ -151,8 +159,56 @@ + + + Designer + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + + + Reference.svcmap + - + + + + + + + + + + + + + + + WCF Proxy Generator + Reference.cs + + \ No newline at end of file diff --git a/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs b/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs index 98f75ab..61195bb 100644 --- a/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs +++ b/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs @@ -1,7 +1,9 @@ using System.Collections.Concurrent; using System.Threading; using System.Threading.Tasks; +using CAProxy.AnyGateway.Models.Configuration; using Keyfactor.AnyGateway.DigiCertSym.Client.Models; +using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP; namespace Keyfactor.AnyGateway.DigiCertSym.Interfaces { @@ -17,7 +19,7 @@ Task SubmitRenewalAsync(string serialNumber, Task SubmitGetCertificateAsync(string serialNumber); - Task SubmitQueryOrderRequestAsync(BlockingCollection bc, CancellationToken ct, - RequestManager requestManager); + SearchCertificateResponseType SubmitQueryOrderRequest( + RequestManager requestManager, ProductModel template, int pageCounter); } } \ No newline at end of file diff --git a/DigiCertSymCaProxy/RequestManager.cs b/DigiCertSymCaProxy/RequestManager.cs index 655cfa8..7062fbb 100644 --- a/DigiCertSymCaProxy/RequestManager.cs +++ b/DigiCertSymCaProxy/RequestManager.cs @@ -7,6 +7,7 @@ using CSS.Common.Logging; using CSS.PKI; using Keyfactor.AnyGateway.DigiCertSym.Client.Models; +using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP; using Keyfactor.AnyGateway.DigiCertSym.Interfaces; using Newtonsoft.Json; using Newtonsoft.Json.Linq; @@ -70,6 +71,40 @@ public int MapReturnStatus(string digiCertStatus) } } + public int MapReturnStatus(CertificateStatusEnum digiCertStatus) + { + try + { + Logger.Debug("Entering MapReturnStatus(string digiCertStatus) Method..."); + Logger.Trace($"digiCertStatus is {digiCertStatus}"); + PKIConstants.Microsoft.RequestDisposition returnStatus; + + switch (digiCertStatus) + { + case CertificateStatusEnum.VALID: + returnStatus = PKIConstants.Microsoft.RequestDisposition.ISSUED; + break; + case CertificateStatusEnum.SUSPENDED: + returnStatus = PKIConstants.Microsoft.RequestDisposition.REVOKED; + break; + case CertificateStatusEnum.EXPIRED: + returnStatus = PKIConstants.Microsoft.RequestDisposition.REVOKED; + break; + default: + returnStatus = PKIConstants.Microsoft.RequestDisposition.UNKNOWN; + break; + } + Logger.Trace($"returnStatus is {returnStatus}"); + Logger.Debug("Exiting MapReturnStatus(string digiCertStatus) Method..."); + return Convert.ToInt32(returnStatus); + } + catch (Exception e) + { + Logger.Error($"Exception Occurred in MapReturnStatus(string digiCertStatus): {e.Message}"); + throw; + } + } + public RevokeRequest GetRevokeRequest(uint kfRevokeReason) { try @@ -134,18 +169,20 @@ public int GetRevokeResult(IRevokeResponse revokeResponse) } } - public CertificateSearchRequest GetSearchCertificatesRequest(int pageCounter, string seatId) + public SearchCertificateRequestType GetSearchCertificatesRequest(int pageCounter, string templateId) { try { - Logger.Debug("Entering GetSearchCertificatesRequest(int pageCounter, string seatId) Method..."); - Logger.Debug("Exiting GetSearchCertificatesRequest(int pageCounter, string seatId) Method..."); - Logger.Trace($"pageCounter: {pageCounter} seatId: {seatId}"); - return new CertificateSearchRequest + Logger.Debug("Entering GetSearchCertificatesRequest(int pageCounter, string templateId) Method..."); + Logger.Debug("Exiting GetSearchCertificatesRequest(int pageCounter, string templateId) Method..."); + Logger.Trace($"pageCounter: {pageCounter} TemplateId: {templateId}"); + return new SearchCertificateRequestType { - SeatId = seatId, - StartIndex = pageCounter - }; + profileOID = templateId, + startIndex= pageCounter, + startIndexSpecified=true, + version = "1.0" + }; } catch (Exception e) { @@ -404,7 +441,7 @@ internal string FlattenErrors(List errors) { Logger.Debug("Entering in FlattenErrors(List errors) Method..."); var errorMessage = string.Empty; - foreach (var error in errors) errorMessage += "Code: " + error.Code + " Message: " + error.Message + "Field Name: " + error?.Field + "\n"; + foreach (var error in errors) errorMessage += "Code: " + error.Code + " Message: " + error.Message + "Field Name: " + error.Field + "\n"; Logger.Debug("Exiting in FlattenErrors(List errors) Method..."); return errorMessage; } diff --git a/DigiCertSymCaProxy/app.config b/DigiCertSymCaProxy/app.config index 0517dc5..1cf1443 100644 --- a/DigiCertSymCaProxy/app.config +++ b/DigiCertSymCaProxy/app.config @@ -20,4 +20,20 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/README.md b/README.md index 82f6a56..8bb6bc4 100644 --- a/README.md +++ b/README.md @@ -130,7 +130,11 @@ the CA. Without the imported configuration, the service will fail to start. 4) **KeyfactorApiPassword** - Password for user in Keyfactor with access to Keyfactor API for REST API Calls to Keyfactor 5) **KeyfactorApiUrl** - URL for Keyfactor API for REST API Calls to Keyfactor 6) **SeatList** - Comma Separated list of Seats to inventory for the Gateway inventory process -7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup. +7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup. Try the default values first and they can be adjusted if errors occur. +8) **ClientCertificateLocation** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section. This is the location of the pfx to use for the client certificate. +9) **ClientCertificatePassword** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section. This is the password for the PFX file to use for the client certificate. +8) **EndpointAddress** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section. This is endpoint address for the SOAP API. You will want a differnt value than the test version in production. + ``` "CAConnection": { "DigiCertSymUrl": "https://pki-ws-rest.symauth.com/mpki/api/v1", @@ -138,16 +142,16 @@ the CA. Without the imported configuration, the service will fail to start. "KeyfactorApiUserId": "Keyfactor\\Administrator", "KeyfactorApiPassword": "Password1", "KeyfactorApiUrl": "https://kftrain.keyfactor.lab/KeyfactorAPI", - "SeatList": "Keyfactor Portal,www.boingy.com", - "DnsConstantName":"dnsName", - "UpnConstantName":"otherNameUPN", - "IpConstantName":"san_ipAddress", - "EmailConstantName":"mail_email" + "DnsConstantName": "dnsName", + "UpnConstantName": "otherNameUPN", + "IpConstantName": "san_ipAddress", + "EmailConstantName": "mail_email", + "ClientCertificateLocation": "C:\\Program Files\\Keyfactor\\Keyfactor AnyGateway\\KeyfactorMPki.pfx", + "ClientCertificatePassword": "SomePassword!", + "EndpointAddress": "https://pki-ws.symauth.com/pki-ws/certificateManagementService" } ``` - - - **Template Settings** 1) **ProductID** - OID for profile generated in Digicert mPKI 2) **EnrollmentTemplate** - Template JSON used to generate a enrollment request explained later in this document @@ -240,6 +244,33 @@ Enrollment Format Specifications Located [here](https://pki-ws-rest.symauth.com/ 1) **Command Server** - Install a tempate into Active Directory to match each profile that you want to integrate with in DigiCertSym mPKI +### SOAP Inventory Setup + +The Digicert mPKI REST API does not support inventory so the SOAP API is required to inventory all of the certs for the profiles listed in config.json file. +In order to use the SOAP API, you need a client certificate from the Digicert mPKI Portal. The steps to obtain a certfificate are outlined in the documentation +listed [here](https://knowledge.digicert.com/content/dam/digicertknowledgebase/attachments/pki-platform/soap-api-client-package/pki-web-services-developers-guide.pdf). + +1) Follow the instructions in section 2.6.1 of the above document. +2) Export the keystore to a PFX file with a similar command that is listed below: +```keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki3.pfx -deststoretype PKCS12``` +3) Import the PFX Certificate to the computer it was generated on. +4) Export the PFX to a file from that same machine's certificate store and copy it to the same directory where the config.json is located. + +Sample Commands for a Test Envrionment are below: +``` +keytool -genkey -alias pki_ra -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "CN=pki_ra" -keypass SomePassword -keystore KeyfactorMPki3 -storepass SomePassword + +keytool -certreq -alias pki_ra -sigalg SHA256withRSA -file pki_raCSR.req -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -import -alias pki_ra -file cert.p7b -noprompt -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -import -trustcacerts -alias pki_ca -file SYMC_Test_Drive_RA_Intermediate_CA.cer -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -import -trustcacerts -alias root -file SYMC_Managed_PKI_Infrastructure_Test_Drive_Root.cer -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki2.pfx -deststoretype PKCS12 +``` + ### Certificate Authority Installation 1) **Gateway Server** - Start the Keyfactor Gateway Service 2) Run the set Gateway command similar to below diff --git a/README.md.tpl b/README.md.tpl index 9dd2beb..9acca88 100644 --- a/README.md.tpl +++ b/README.md.tpl @@ -130,7 +130,11 @@ the CA. Without the imported configuration, the service will fail to start. 4) **KeyfactorApiPassword** - Password for user in Keyfactor with access to Keyfactor API for REST API Calls to Keyfactor 5) **KeyfactorApiUrl** - URL for Keyfactor API for REST API Calls to Keyfactor 6) **SeatList** - Comma Separated list of Seats to inventory for the Gateway inventory process -7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup. +7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup. Try the default values first and they can be adjusted if errors occur. +8) **ClientCertificateLocation** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section. This is the location of the pfx to use for the client certificate. +9) **ClientCertificatePassword** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section. This is the password for the PFX file to use for the client certificate. +8) **EndpointAddress** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section. This is endpoint address for the SOAP API. You will want a differnt value than the test version in production. + ``` "CAConnection": { "DigiCertSymUrl": "https://pki-ws-rest.symauth.com/mpki/api/v1", @@ -138,16 +142,16 @@ the CA. Without the imported configuration, the service will fail to start. "KeyfactorApiUserId": "Keyfactor\\Administrator", "KeyfactorApiPassword": "Password1", "KeyfactorApiUrl": "https://kftrain.keyfactor.lab/KeyfactorAPI", - "SeatList": "Keyfactor Portal,www.boingy.com", - "DnsConstantName":"dnsName", - "UpnConstantName":"otherNameUPN", - "IpConstantName":"san_ipAddress", - "EmailConstantName":"mail_email" + "DnsConstantName": "dnsName", + "UpnConstantName": "otherNameUPN", + "IpConstantName": "san_ipAddress", + "EmailConstantName": "mail_email", + "ClientCertificateLocation": "C:\\Program Files\\Keyfactor\\Keyfactor AnyGateway\\KeyfactorMPki.pfx", + "ClientCertificatePassword": "SomePassword!", + "EndpointAddress": "https://pki-ws.symauth.com/pki-ws/certificateManagementService" } ``` - - - **Template Settings** 1) **ProductID** - OID for profile generated in Digicert mPKI 2) **EnrollmentTemplate** - Template JSON used to generate a enrollment request explained later in this document @@ -240,6 +244,33 @@ Enrollment Format Specifications Located [here](https://pki-ws-rest.symauth.com/ 1) **Command Server** - Install a tempate into Active Directory to match each profile that you want to integrate with in DigiCertSym mPKI +### SOAP Inventory Setup + +The Digicert mPKI REST API does not support inventory so the SOAP API is required to inventory all of the certs for the profiles listed in config.json file. +In order to use the SOAP API, you need a client certificate from the Digicert mPKI Portal. The steps to obtain a certfificate are outlined in the documentation +listed [here](https://knowledge.digicert.com/content/dam/digicertknowledgebase/attachments/pki-platform/soap-api-client-package/pki-web-services-developers-guide.pdf). + +1) Follow the instructions in section 2.6.1 of the above document. +2) Export the keystore to a PFX file with a similar command that is listed below: +```keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki3.pfx -deststoretype PKCS12``` +3) Import the PFX Certificate to the computer it was generated on. +4) Export the PFX to a file from that same machine's certificate store and copy it to the same directory where the config.json is located. + +Sample Commands for a Test Envrionment are below: +``` +keytool -genkey -alias pki_ra -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "CN=pki_ra" -keypass SomePassword -keystore KeyfactorMPki3 -storepass SomePassword + +keytool -certreq -alias pki_ra -sigalg SHA256withRSA -file pki_raCSR.req -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -import -alias pki_ra -file cert.p7b -noprompt -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -import -trustcacerts -alias pki_ca -file SYMC_Test_Drive_RA_Intermediate_CA.cer -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -import -trustcacerts -alias root -file SYMC_Managed_PKI_Infrastructure_Test_Drive_Root.cer -keystore KeyfactorMPki2 -storepass SomePassword + +keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki2.pfx -deststoretype PKCS12 +``` + ### Certificate Authority Installation 1) **Gateway Server** - Start the Keyfactor Gateway Service 2) Run the set Gateway command similar to below diff --git a/SampleConfig.json b/SampleConfig.json index 5824ca9..eabb3c5 100644 --- a/SampleConfig.json +++ b/SampleConfig.json @@ -25,11 +25,14 @@ "KeyfactorApiUserId": "Keyfactor\\Administrator", "KeyfactorApiPassword": "Password1", "KeyfactorApiUrl": "https://kftrain.keyfactor.lab/KeyfactorAPI", - "SeatList": "Keyfactor Portal,www.boingy.com", + "SeatList": "NonExistingKey,Key2,Keyfactor Portal,www.wakko.com", "DnsConstantName": "dnsName", "UpnConstantName": "otherNameUPN", "IpConstantName": "san_ipAddress", - "EmailConstantName": "mail_email" + "EmailConstantName": "mail_email", + "ClientCertificateLocation": "C:\\Program Files\\Keyfactor\\Keyfactor AnyGateway\\KeyfactorMPki.pfx", + "ClientCertificatePassword": "SomePassword", + "EndpointAddress": "https://pki-ws.symauth.com/pki-ws/certificateManagementService" }, "Templates": { "Microsoft Wi-Fi (Test Drive)": { @@ -65,4 +68,4 @@ "FullScanPeriodHours": 1, "PartialScanPeriodMinutes": 1 } -} +} \ No newline at end of file