48988 update read me

.github/workflows/keyfactor-starter-workflow.yml

@@ -1,44 +1,19 @@
-name: Starter Workflow
-on: [workflow_dispatch, push, pull_request]
+name: Keyfactor Bootstrap Workflow
 
-jobs:
-  call-create-github-release-workflow:
-    uses: Keyfactor/actions/.github/workflows/github-release.yml@main
-
-  get-manifest-properties:
-    runs-on: windows-latest
-    outputs:
-      update_catalog: ${{ steps.read-json.outputs.prop }}
-    steps:
-      - uses: actions/checkout@v3
-      - name: Read json
-        id: read-json
-        shell: pwsh
-        run: |
-          $json = Get-Content integration-manifest.json | ConvertFrom-Json
-          echo "::set-output name=prop::$(echo $json.update_catalog)"
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, closed, synchronize, edited, reopened]
+  push:
+  create:
+    branches:
+      - 'release-*.*'
 
-  call-dotnet-build-and-release-workflow:
-    needs: [call-create-github-release-workflow]
-    uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main
-    with:
-      release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }}
-      release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }}
-      release_dir: IISU/bin/Release/net6.0
-    secrets: 
-      token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }}
-
-  call-generate-readme-workflow:
-    if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
-    uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main
+jobs:
+  call-starter-workflow:
+    uses: keyfactor/actions/.github/workflows/starter.yml@v2
     secrets:
-      token: ${{ secrets.APPROVE_README_PUSH }}
-
-  call-update-catalog-workflow:
-    needs: get-manifest-properties
-    if: needs.get-manifest-properties.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
-    uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main
-    secrets: 
-      token: ${{ secrets.SDK_SYNC_PAT }}
-
-
+      token: ${{ secrets.V2BUILDTOKEN}}
+      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
+      gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}

CHANGELOG.md

@@ -1,6 +1,7 @@
 2.3.0
 * Added Sql Server Binding Support
-
+* Modified WinCert Advanced PrivateKeyAllowed setting from Required to Optional
+
 2.2.2
 * Removed empty constructor to resolve PAM provider error when using WinCert store types
 

README.md

@@ -155,7 +155,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION
 Store Path Type	| Multiple Choice | Determines what restrictions are applied to the store path field when configuring a new store.
 Store Path Value | My,WebHosting | Comma separated list of options configure multiple choice. This, combined with the hostname, will determine the location used for the certificate store management and inventory.
 Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias.
-Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless.
+Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid.
 PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.)
 
 ![](images/IISUCertStoreAdv.png)
@@ -297,7 +297,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION
 --|--|--
 Store Path Type	| Freeform | Allows users to type in a valid certificate store.
 Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias.
-Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless.
+Private Keys | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Typically the personal store would have private keys, whereas trusted root would not.
 PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.)
 
 ![](images/WinCertAdvanced.png)

integration-manifest.json

@@ -4,6 +4,7 @@
   "name": "WinCertStore Orchestrator",
   "status": "production",
   "link_github": true,
+  "release_dir": "IISU/bin/Release/net6.0",
   "update_catalog": true,
   "support_level": "kf-supported",
   "description": "The Windows Certificate Store Orchestrator Extension implements two certificate store types. 1) “WinCert” which manages certificates in a Windows local machine store, and 2) “IISU” which manages certificates and their bindings in a Windows local machine store that are bound to Internet Information Server (IIS) websites. These extensions replace the now deprecated “IIS” cert store type that ships with Keyfactor Command. The “IISU” extension also replaces the “IISBin” certificate store type from prior versions of this repository. This orchestrator extension is in the process of being renamed from “IIS Orchestrator” as it now supports certificates that are not in use by IIS.",

readme_source.md

@@ -54,7 +54,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION
 Store Path Type	| Multiple Choice | Determines what restrictions are applied to the store path field when configuring a new store.
 Store Path Value | My,WebHosting | Comma separated list of options configure multiple choice. This, combined with the hostname, will determine the location used for the certificate store management and inventory.
 Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias.
-Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless.
+Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid.
 PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.)
 
 ![](images/IISUCertStoreAdv.png)
@@ -196,7 +196,7 @@ CONFIG ELEMENT | VALUE | DESCRIPTION
 --|--|--
 Store Path Type	| Freeform | Allows users to type in a valid certificate store.
 Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias.
-Private Keys | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be useless.
+Private Keys | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Typically the personal store would have private keys, whereas trusted root would not.
 PFX Password Style | Default or Custom | "Default" - PFX password is randomly generated, "Custom" - PFX password may be specified when the enrollment job is created (Requires the *Allow Custom Password* application setting to be enabled.)
 
 ![](images/WinCertAdvanced.png)