Merge pull request #123 from Keyfactor/release-2.5
Merge 2.5.0 to main
doebrowsk authored Dec 10, 2024
2 parents d8b390e + 0daf5a4 commit f24ee50
Showing 49 changed files with 2,227 additions and 1,070 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/keyfactor-starter-workflow.yml
@@ -11,9 +11,10 @@ on:

jobs:
call-starter-workflow:
uses: keyfactor/actions/.github/workflows/starter.yml@v2
uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2
secrets:
token: ${{ secrets.V2BUILDTOKEN}}
APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
scan_token: ${{ secrets.SAST_TOKEN }}
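Review bot: The reusable workflow in `uses:` is referenced by a tag (`starter.yml@3.1.2`), which can be moved, while the `secrets:` block hands it the GPG private key, its passphrase, and the build and scan tokens. Pinning the reference to the full commit SHA of that release, with the version kept as a trailing comment (`uses: keyfactor/actions/.github/workflows/starter.yml@<full-commit-sha-of-3.1.2> # 3.1.2`), would make the code that receives those secrets immutable. The rendered page does not mark which of the two `uses:` lines is the new side, so this assumes the `3.1.2` line is the one being introduced.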
8 changes: 8 additions & 0 deletions CHANGELOG.md
@@ -1,3 +1,11 @@
2.5.0
* Added the Bindings to the end of the thumbprint to make the alias unique.
* Using new IISWebBindings commandlet to use additional SSL flags when binding certificate to website.
* Added multi-platform support for .Net6 and .Net8.
* Updated various PowerShell scripts to handle both .Net6 and .Net8 differences (specifically the absense of the WebAdministration module in PS SDK 7.4.x+)
* Fixed issue to update multiple websites when using the same cert.
* Removed renewal thumbprint logic to update multiple website; each job now updates its own specific certificate.

2.4.4
* Fix an issue with WinRM parameters when migrating Legacy IIS Stores to the WinCert type
* Fix an issue with "Delete" script in the Legacy IIS Migration that did not remove some records from dependent tables
21 changes: 2 additions & 19 deletions IISU/CertificateStore.cs
@@ -181,38 +181,21 @@ public static List<CurrentInventoryItem> GetIISBoundCertificates(Runspace runSpa

if (foundCert == null) continue;

var sniValue = "";
switch (Convert.ToInt16(binding.Properties["sniFlg"]?.Value))
{
case 0:
sniValue = "0 - No SNI";
break;
case 1:
sniValue = "1 - SNI Enabled";
break;
case 2:
sniValue = "2 - Non SNI Binding";
break;
case 3:
sniValue = "3 - SNI Binding";
break;
}

var siteSettingsDict = new Dictionary<string, object>
{
{ "SiteName", binding.Properties["Name"]?.Value },
{ "Port", binding.Properties["Bindings"]?.Value.ToString()?.Split(':')[1] },
{ "IPAddress", binding.Properties["Bindings"]?.Value.ToString()?.Split(':')[0] },
{ "HostName", binding.Properties["Bindings"]?.Value.ToString()?.Split(':')[2] },
{ "SniFlag", sniValue },
{ "SniFlag", binding.Properties["sniFlg"]?.Value },
{ "Protocol", binding.Properties["Protocol"]?.Value }
};

myBoundCerts.Add(
new CurrentInventoryItem
{
Certificates = new[] { foundCert.CertificateData },
Alias = thumbPrint,
Alias = thumbPrint + ":" + binding.Properties["Bindings"]?.Value.ToString(),
PrivateKeyEntry = foundCert.HasPrivateKey,
UseChainLevel = false,
ItemStatus = OrchestratorInventoryItemStatus.Unknown,
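Review bot: The `Alias` built from `thumbPrint + ":" + binding.Properties["Bindings"]?.Value.ToString()` guards only the property lookup, so a missing `Bindings` property yields an alias that ends in a bare `:` and a null `Value` would throw. This assumes the longer `Alias` line is the new side, as the changelog entry about appending the bindings suggests. Reading the binding once, `var bindingInfo = binding.Properties["Bindings"]?.Value?.ToString();`, and setting `Alias = string.IsNullOrEmpty(bindingInfo) ? thumbPrint : thumbPrint + ":" + bindingInfo` would avoid both cases. Because the alias now carries further `:`-separated fields after the thumbprint, any code that recovers the thumbprint from it must take only the text before the first `:`; that consumer is not visible on this page. `GetIISBoundCertificates` starts and ends outside this hunk.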
2 changes: 1 addition & 1 deletion IISU/CertificateStoreException.cs
@@ -18,7 +18,7 @@
namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
{
[Serializable]
internal class CertificateStoreException : Exception
public class CertificateStoreException : Exception
{
public CertificateStoreException()
{
9 changes: 8 additions & 1 deletion IISU/ClientPSCertStoreInventory.cs
@@ -11,6 +11,7 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
using Keyfactor.Extensions.Orchestrator.WindowsCertStore.IISU;
using Keyfactor.Logging;
using Microsoft.Extensions.Logging;
using System;
@@ -21,9 +22,15 @@

namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
{
abstract class ClientPSCertStoreInventory
public abstract class ClientPSCertStoreInventory
{
private ILogger _logger;

protected ClientPSCertStoreInventory()
{
_logger = LogHandler.GetClassLogger<ClientPSCertStoreInventory>();
}

public ClientPSCertStoreInventory(ILogger logger)
{
_logger = logger;
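Review bot: With the class now `public`, derived types outside the assembly can reach `ClientPSCertStoreInventory(ILogger logger)`, and `_logger = logger;` stores a null logger unchecked. `_logger = logger ?? throw new ArgumentNullException(nameof(logger));` would fail at construction rather than wherever the logger is first used. If nothing outside the visible lines reassigns it, the field could also be declared `private readonly ILogger _logger;`. The class body continues outside the hunk.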
13 changes: 9 additions & 4 deletions IISU/ClientPSCertStoreManager.cs
@@ -27,7 +27,7 @@

namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
{
internal class ClientPSCertStoreManager
public class ClientPSCertStoreManager
{
private ILogger _logger;
private Runspace _runspace;
@@ -40,6 +40,11 @@ public X509Certificate2 X509Cert
get { return x509Cert; }
}

public ClientPSCertStoreManager(Runspace runSpace)
{
_logger = LogHandler.GetClassLogger<ClientPSCertStoreManager>();
_runspace = runSpace;
}

public ClientPSCertStoreManager(ILogger logger, Runspace runSpace, long jobNumber)
{
@@ -126,9 +131,9 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
{
ps.Runspace = _runspace;

if (cryptoProviderName == null)
if (string.IsNullOrEmpty(cryptoProviderName))
{
if (privateKeyPassword == null)
if (string.IsNullOrEmpty(privateKeyPassword))
{
// If no private key password is provided, import the pfx file directory to the store using addstore argument
string script = @"
@@ -179,7 +184,7 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
}
else
{
if (privateKeyPassword == null)
if (string.IsNullOrEmpty(privateKeyPassword))
{
string script = @"
param($pfxFilePath, $cspName, $storePath)
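Review bot: `string.IsNullOrEmpty(cryptoProviderName)` in `ImportPFXFile` still sends a whitespace-only provider name into the `else` branch, where the script declares a `$cspName` parameter; `if (string.IsNullOrWhiteSpace(cryptoProviderName))` would route such a value to the default-provider path instead. The two `string.IsNullOrEmpty(privateKeyPassword)` checks (hunks at new lines 131 and 184) now treat an empty password like a missing one, which looks intended but deserves a comment such as `// an empty password is handled as "no password"`. Keep `IsNullOrEmpty` for the password, since whitespace can be a real password. How these values reach the method is outside the hunks, so whether a blank provider name can occur is an assumption. `ImportPFXFile` starts and ends outside these hunks.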