diff --git a/.github/workflows/keyfactor-merge-store-types.yml b/.github/workflows/keyfactor-merge-store-types.yml
deleted file mode 100644
index c70659f..0000000
--- a/.github/workflows/keyfactor-merge-store-types.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-name: Keyfactor Merge Cert Store Types
-on: [workflow_dispatch]
-
-jobs:
- get-manifest-properties:
- runs-on: windows-latest
- outputs:
- update_catalog: ${{ steps.read-json.outputs.update_catalog }}
- integration_type: ${{ steps.read-json.outputs.integration_type }}
- steps:
- - uses: actions/checkout@v3
- - name: Store json
- id: read-json
- shell: pwsh
- run: |
- $json = Get-Content integration-manifest.json | ConvertFrom-Json
- $myvar = $json.update_catalog
- echo "update_catalog=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append
- $myvar = $json.integration_type
- echo "integration_type=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append
-
- call-update-store-types-workflow:
- needs: get-manifest-properties
- if: needs.get-manifest-properties.outputs.integration_type == 'orchestrator' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
- uses: Keyfactor/actions/.github/workflows/update-store-types.yml@main
- secrets:
- token: ${{ secrets.UPDATE_STORE_TYPES }}
diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml
index 81fd2d0..6d8de53 100644
--- a/.github/workflows/keyfactor-starter-workflow.yml
+++ b/.github/workflows/keyfactor-starter-workflow.yml
@@ -1,44 +1,19 @@ -name: Starter Workflow -on: [workflow_dispatch, push, pull_request] +name: Keyfactor Bootstrap Workflow -jobs: - call-create-github-release-workflow: - uses: Keyfactor/actions/.github/workflows/github-release.yml@main - - get-manifest-properties: - runs-on: windows-latest - outputs: - update_catalog: ${{ steps.read-json.outputs.prop }} - steps: - - uses: actions/checkout@v3 - - name: Read json - id: read-json - shell: pwsh - run: | - $json = Get-Content integration-manifest.json | ConvertFrom-Json - echo "::set-output name=prop::$(echo $json.update_catalog)" +on: + workflow_dispatch: + pull_request: + types: [opened, closed, synchronize, edited, reopened] + push: + create: + branches: + - 'release-*.*' - call-dotnet-build-and-release-workflow: - needs: [call-create-github-release-workflow] - uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main - with: - release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} - release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} - release_dir: IISU/bin/Release/net6.0 - secrets: - token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} - - call-generate-readme-workflow: - if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' - uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main +jobs: + call-starter-workflow: + uses: keyfactor/actions/.github/workflows/starter.yml@v2 secrets: - token: ${{ secrets.APPROVE_README_PUSH }} - - call-update-catalog-workflow: - needs: get-manifest-properties - if: needs.get-manifest-properties.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') - uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main - secrets: - token: ${{ secrets.SDK_SYNC_PAT }} - - + token: ${{ secrets.V2BUILDTOKEN}} + APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}} + gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }} + gpg_pass: ${{ 
secrets.KF_GPG_PASSPHRASE }} diff --git a/CHANGELOG.md b/CHANGELOG.md index c5bf3d0..bb0e71c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ 2.3.0 * Added Sql Server Binding Support - +* Modified WinCert Advanced PrivateKeyAllowed setting from Required to Optional + 2.2.2 * Removed empty constructor to resolve PAM provider error when using WinCert store types diff --git a/README.md b/README.md index 3b05b52..24ff2bc 100644 --- a/README.md +++ b/README.md @@ -155,7 +155,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION Store Path Type | Multiple Choice | Determines what restrictions are applied to the store path field when configuring a new store. Store Path Value | My,WebHosting | Comma separated list of options configure multiple choice. This, combined with the hostname, will determine the location used for the certificate store management and inventory. Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias. -Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless. +Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.) ![](images/IISUCertStoreAdv.png) 
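Review bot: In keyfactor-starter-workflow.yml the new `call-starter-workflow` job hands four secrets, including `KF_GPG_PRIVATE_KEY` and `KF_GPG_PASSPHRASE`, to a reusable workflow referenced by the movable tag `@v2`, so a retagged `v2` would change the code that receives the signing key without any change in this repository. Pinning the reference to a full commit SHA keeps that code reviewable, e.g. `uses: keyfactor/actions/.github/workflows/starter.yml@<FULL_COMMIT_SHA>  # v2` (placeholder, take the SHA from the tagged release). The job also runs on every `push` and on all listed `pull_request` activity types with no `if:` guard, whereas the removed readme and catalog jobs were limited to `push`/`workflow_dispatch`. That gating presumably now lives in starter.yml, which is not visible here, so it is worth confirming that signing and the README push are skipped for pull-request events. A short comment above `secrets:` naming which stage consumes each secret would make later audits easier.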
@@ -297,7 +297,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION --|--|-- Store Path Type | Freeform | Allows users to type in a valid certificate store. Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias. -Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless. +Private Keys | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Typically the personal store would have private keys, whereas trusted root would not. PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.) ![](images/WinCertAdvanced.png) diff --git a/images/WinCertAdvanced.png b/images/WinCertAdvanced.png index feef117..ff66e5c 100644 Binary files a/images/WinCertAdvanced.png and b/images/WinCertAdvanced.png differ diff --git a/integration-manifest.json b/integration-manifest.json index f558b94..d1ddae8 100644 --- a/integration-manifest.json +++ b/integration-manifest.json 
@@ -4,6 +4,7 @@ "name": "WinCertStore Orchestrator", "status": "production", "link_github": true, + "release_dir": "IISU/bin/Release/net6.0", "update_catalog": true, "support_level": "kf-supported", "description": "The Windows Certificate Store Orchestrator Extension implements two certificate store types. 1) “WinCert” which manages certificates in a Windows local machine store, and 2) “IISU” which manages certificates and their bindings in a Windows local machine store that are bound to Internet Information Server (IIS) websites. These extensions replace the now deprecated “IIS” cert store type that ships with Keyfactor Command. The “IISU” extension also replaces the “IISBin” certificate store type from prior versions of this repository. This orchestrator extension is in the process of being renamed from “IIS Orchestrator” as it now supports certificates that are not in use by IIS.", diff --git a/readme_source.md b/readme_source.md index 02a6d47..eb228fd 100644 --- a/readme_source.md +++ b/readme_source.md 
@@ -54,7 +54,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION Store Path Type | Multiple Choice | Determines what restrictions are applied to the store path field when configuring a new store. Store Path Value | My,WebHosting | Comma separated list of options configure multiple choice. This, combined with the hostname, will determine the location used for the certificate store management and inventory. Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias. -Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless. +Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.) ![](images/IISUCertStoreAdv.png) 
@@ -196,7 +196,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION --|--|-- Store Path Type | Freeform | Allows users to type in a valid certificate store. Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias. -Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless. +Private Keys | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Typically the personal store would have private keys, whereas trusted root would not. PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.) ![](images/WinCertAdvanced.png)