Merged
4 changes: 4 additions & 0 deletions CHANGELOG.md
@@ -1,3 +1,7 @@
v2.1.2
- Bug fix: Discovery not working against Windows servers
- Bug fix: Issue running Discovery on Windows servers with one or more spaces in the path

v2.1
- New RFDER certificate store type added
- RFPEM modified to now support PKCS#1 private key formats (BEGIN RSA PRIVATE KEY)
6 changes: 5 additions & 1 deletion README.md
Expand Up @@ -329,10 +329,14 @@ CURL script to automate certificate store type creation can be found [here](Cert
 
## Creating Certificate Stores and Scheduling Discovery Jobs

Please refer to the Keyfactor Command Reference Guide for information on creating certificate stores and scheduling Discovery jobs in Keyfactor Command. However, there are two fields that are important to highlight here - Client Machine and Store Path. For Linux orchestrated servers, "Client Machine" should be the DNS or IP address of the remote orchestrated server while "Store Path" is the full path and file name of the file based store, beginning with a forward slash (/). For Windows orchestrated servers, "Client Machine" should be of the format {protocol}://{dns-or-ip}:{port} where {protocol} is either http or https, {dns-or-ip} is the DNS or IP address of the remote orchestrated server, and {port} is the port where WinRM is listening, by convention usually 5985 for http and 5986 for https. "Store Path" is the full path and file name of the file based store, beginning with a drive letter (i.e. c:\). For example valid values for Client Machine and Store Path for Linux and Windows managed servers may look something like:
Please refer to the Keyfactor Command Reference Guide for information on creating certificate stores and scheduling Discovery jobs in Keyfactor Command. However, there are a few fields that are important to highlight here - Client Machine, Store Path (Creating Certificate Stores), and Directories to search (Discovery jobs) and Extensions (Discovery jobs). For Linux orchestrated servers, "Client Machine" should be the DNS or IP address of the remote orchestrated server while "Store Path" is the full path and file name of the file based store, beginning with a forward slash (/). For Windows orchestrated servers, "Client Machine" should be of the format {protocol}://{dns-or-ip}:{port} where {protocol} is either http or https, {dns-or-ip} is the DNS or IP address of the remote orchestrated server, and {port} is the port where WinRM is listening, by convention usually 5985 for http and 5986 for https. "Store Path" is the full path and file name of the file based store, beginning with a drive letter (i.e. c:\). For example valid values for Client Machine and Store Path for Linux and Windows managed servers may look something like:

Linux: Client Machine - 127.0.0.1 or MyLinuxServerName; Store Path - /home/folder/path/storename.ext
Windows: Client Machine - http<span>s://My.Server.Domain:59</span>86; Store Path - c:\folder\path\storename.ext

For "Directories to search", you can chain paths with a comma delimiter as documented in the Keyfactor Command Reference Guide, but there is also a special value that can be used instead - fullscan. Entering fullscan in this field will tell the RemoteFile discovery job to search all available drive letters and recursively search all of them for files matching the other search criteria.

For "Extensions", a reserved value of noext will cause the RemoteFile discovery job to search for files that do not have an extension. This value can be chained with other extensions using a comma delimiter. For example, entering pem,jks,noext will cause the RemoteFile discovery job to search for files with extensions of PEM or JKS or files that do not have extensions.
&nbsp;
&nbsp;
## Developer Notes
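Review bot: The new "Directories to search" paragraph describes fullscan only in terms of drive letters and does not say what happens on a Linux target. Discovery.cs in this same change picks the server type from whether the first directory starts with "/", so fullscan is always treated as Windows; state in this paragraph that fullscan applies to Windows orchestrated servers only. It is also worth saying here that a full scan reads every drive recursively under the configured server account, so operators can scope that account and schedule the job accordingly.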
6 changes: 3 additions & 3 deletions RemoteFile/Discovery.cs
Expand Up @@ -53,12 +53,12 @@ public JobResult ProcessJob(DiscoveryJobConfiguration config, SubmitDiscoveryUpd
{
string userName = PAMUtilities.ResolvePAMField(_resolver, logger, "Server User Name", config.ServerUsername);
string userPassword = PAMUtilities.ResolvePAMField(_resolver, logger, "Server Password", config.ServerPassword);

certificateStore = new RemoteCertificateStore(config.ClientMachine, userName, userPassword, directoriesToSearch[0].Substring(0, 1) == "/" ? RemoteCertificateStore.ServerTypeEnum.Linux : RemoteCertificateStore.ServerTypeEnum.Windows);

certificateStore.Initialize();
ApplicationSettings.Initialize(this.GetType().Assembly.Location);

certificateStore = new RemoteCertificateStore(config.ClientMachine, userName, userPassword, directoriesToSearch[0].Substring(0, 1) == "/" ? RemoteCertificateStore.ServerTypeEnum.Linux : RemoteCertificateStore.ServerTypeEnum.Windows);
certificateStore.Initialize();

if (directoriesToSearch.Length == 0)
throw new RemoteFileException("Blank or missing search directories for Discovery.");
if (extensionsToSearch.Length == 0)
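Review bot: In ProcessJob the relocated new RemoteCertificateStore(...) call still reads directoriesToSearch[0].Substring(0, 1) before the directoriesToSearch.Length == 0 guard that follows it, so an empty "Directories to search" value raises an index or argument exception instead of the intended RemoteFileException("Blank or missing search directories for Discovery."). Move both Length checks above the constructor call. The same expression classifies any first entry that does not start with "/" as Windows, which includes the README's fullscan value; if that is intended, a short comment on that line would make it explicit.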
4 changes: 2 additions & 2 deletions RemoteFile/RemoteCertificateStore.cs
Expand Up @@ -397,7 +397,7 @@ private List<string> FindStoresWindows(string[] paths, string[] extensions, stri
List<string> results = new List<string>();
StringBuilder concatFileNames = new StringBuilder();

if (paths[0] == FULL_SCAN)
if (paths[0].ToLower() == FULL_SCAN)
{
paths = GetAvailableDrives();
for (int i = 0; i < paths.Length; i++)
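Review bot: paths[0].ToLower() == FULL_SCAN in FindStoresWindows lowers the input with the current culture and only matches if FULL_SCAN is itself lower case, which this hunk does not show. string.Equals(paths[0], FULL_SCAN, StringComparison.OrdinalIgnoreCase) states the intent without depending on either. Consider trimming paths[0] as well, since the value comes from a comma-delimited field, and check paths.Length before indexing.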
Expand Down Expand Up @@ -439,7 +439,7 @@ private string FormatPath(string path)
logger.MethodEntry(LogLevel.Debug);
logger.MethodExit(LogLevel.Debug);

return path + (path.Substring(path.Length - 1) == @"\" ? string.Empty : @"\");
return "'" + path + (path.Substring(path.Length - 1) == @"\" ? string.Empty : @"\") + "'";
}
}

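Review bot: FormatPath now wraps the path in literal single quotes but does not escape a single quote inside the path, so a directory name containing ' ends the quoted string early wherever this value is placed in the PowerShell command sent over WinRM. In a single-quoted PowerShell string an embedded quote is written by doubling it; apply path.Replace("'", "''") before concatenating. path.Substring(path.Length - 1) also throws on an empty path, and path.EndsWith(@"\") would read more clearly. The MethodEntry and MethodExit log calls both run before the return expression, so they bracket nothing.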
8 changes: 0 additions & 8 deletions RemoteFile/RemoteHandlers/WinRMHandler.cs
Expand Up @@ -254,13 +254,5 @@ private string FormatResult(ICollection<PSObject> results)

return rtn.ToString();
}

private string FormatFTPPath(string path)
{
_logger.MethodEntry(LogLevel.Debug);
_logger.MethodExit(LogLevel.Debug);

return path.Substring(0, 1) == @"/" ? path : @"/" + path.Replace("\\", "/");
}
}
}
1 change: 1 addition & 0 deletions integration-manifest.json
Expand Up @@ -4,6 +4,7 @@
"name": "Remote File",
"status": "production",
"link_github": true,
"update_catalog": true,
"description": "The Remote File Orchestrator allows for the remote management of file-based certificate stores. Discovery, Inventory, and Management functions are supported. The orchestrator performs operations by first converting the certificate store into a BouncyCastle PKCS12Store.",
"about": {
"orchestrator": {
6 changes: 5 additions & 1 deletion readme_source.md
Expand Up @@ -268,10 +268,14 @@ CURL script to automate certificate store type creation can be found [here](Cert
&nbsp;
## Creating Certificate Stores and Scheduling Discovery Jobs

Please refer to the Keyfactor Command Reference Guide for information on creating certificate stores and scheduling Discovery jobs in Keyfactor Command. However, there are two fields that are important to highlight here - Client Machine and Store Path. For Linux orchestrated servers, "Client Machine" should be the DNS or IP address of the remote orchestrated server while "Store Path" is the full path and file name of the file based store, beginning with a forward slash (/). For Windows orchestrated servers, "Client Machine" should be of the format {protocol}://{dns-or-ip}:{port} where {protocol} is either http or https, {dns-or-ip} is the DNS or IP address of the remote orchestrated server, and {port} is the port where WinRM is listening, by convention usually 5985 for http and 5986 for https. "Store Path" is the full path and file name of the file based store, beginning with a drive letter (i.e. c:\). For example valid values for Client Machine and Store Path for Linux and Windows managed servers may look something like:
Please refer to the Keyfactor Command Reference Guide for information on creating certificate stores and scheduling Discovery jobs in Keyfactor Command. However, there are a few fields that are important to highlight here - Client Machine, Store Path (Creating Certificate Stores), and Directories to search (Discovery jobs) and Extensions (Discovery jobs). For Linux orchestrated servers, "Client Machine" should be the DNS or IP address of the remote orchestrated server while "Store Path" is the full path and file name of the file based store, beginning with a forward slash (/). For Windows orchestrated servers, "Client Machine" should be of the format {protocol}://{dns-or-ip}:{port} where {protocol} is either http or https, {dns-or-ip} is the DNS or IP address of the remote orchestrated server, and {port} is the port where WinRM is listening, by convention usually 5985 for http and 5986 for https. "Store Path" is the full path and file name of the file based store, beginning with a drive letter (i.e. c:\). For example valid values for Client Machine and Store Path for Linux and Windows managed servers may look something like:

Linux: Client Machine - 127.0.0.1 or MyLinuxServerName; Store Path - /home/folder/path/storename.ext
Windows: Client Machine - http<span>s://My.Server.Domain:59</span>86; Store Path - c:\folder\path\storename.ext

For "Directories to search", you can chain paths with a comma delimiter as documented in the Keyfactor Command Reference Guide, but there is also a special value that can be used instead - fullscan. Entering fullscan in this field will tell the RemoteFile discovery job to search all available drive letters and recursively search all of them for files matching the other search criteria.

For "Extensions", a reserved value of noext will cause the RemoteFile discovery job to search for files that do not have an extension. This value can be chained with other extensions using a comma delimiter. For example, entering pem,jks,noext will cause the RemoteFile discovery job to search for files with extensions of PEM or JKS or files that do not have extensions.
&nbsp;
&nbsp;
## Developer Notes
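Review bot: The rewritten opening sentence lists its fields as "Client Machine, Store Path (Creating Certificate Stores), and Directories to search (Discovery jobs) and Extensions (Discovery jobs)", with two "and"s and uneven capitalization; a four-item list with a single "and" reads better. The examples that follow still cover only Client Machine and Store Path, so add a sample Discovery line showing a comma-delimited "Directories to search" value and pem,jks,noext. The Windows example line also carries literal span tags inside the URL; if they are there to stop auto-linking, a code span does the same without leaking markup into the rendered text. The same wording appears in README.md in this change, so fix both together.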