Keyfactor · fiddlermikey · Jul 24, 2024 · Jul 24, 2024
diff --git a/.../workflows/keyfactor-starter-workflow.yml → ...orkflows/keyfactor-bootstrap-workflow.yml b/.../workflows/keyfactor-starter-workflow.yml → ...orkflows/keyfactor-bootstrap-workflow.yml
@@ -11,9 +11,10 @@ on:
 
 jobs:
   call-starter-workflow:
-    uses: keyfactor/actions/.github/workflows/starter.yml@v2
+    uses: keyfactor/actions/.github/workflows/starter.yml@v3
     secrets:
       token: ${{ secrets.V2BUILDTOKEN}}
       APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
       gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
       gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+      scan_token: ${{ secrets.SAST_TOKEN }}
diff --git a/README.md b/README.md
diff --git a/docs/iisu.md b/docs/iisu.md
diff --git a/docs/wincert.md b/docs/wincert.md
diff --git a/docs/winsql.md b/docs/winsql.md
diff --git a/docsource/iisu.md b/docsource/iisu.md
diff --git a/docsource/overview.md b/docsource/overview.md
@@ -0,0 +1,20 @@
+## Overview
+
+The WinCertStore Universal Orchestrator extension facilitates the remote management of certificates in the Windows Server local machine certificate store. Users can specify the precise certificate store to place certificates by providing the correct store path. For a comprehensive list of local machine certificate stores, you can execute the PowerShell command `Get-ChildItem Cert:\LocalMachine`. The returned list will provide the actual certificate store name to be used when entering store location.
+
+By default, most certificates are stored in the "Personal" (My) and "Web Hosting" (WebHosting) stores. This extension supports four types of jobs: Inventory, Management Add/Remove, and Reenrollment. These jobs enable users to download all certificates, add new certificates, remove existing certificates, and reenroll certificates within the specified certificate stores.
+
+WinRM is used for remote management of the certificate stores and IIS bindings. Proper configuration of WinRM is necessary to allow the orchestrator to manage certificates on the server.
+
+### Certificate Store Types
+
+The WinCertStore Universal Orchestrator extension handles three main types of Certificate Store Types: IISU, WinCert, and WinSql.
+
+- **IISU (IIS Bound Certificates):** Applied to IIS servers, allowing certificates to be bound to IIS sites. This type requires more specific configuration, including site names, IP addresses, ports, and support for Server Name Indication (SNI). 
+
+- **WinCert (Windows Certificates):** Used for general Windows certificates management. It generally involves less configuration compared to IISU and is suitable for managing certificates in standard Windows certificate stores.
+
+- **WinSql (SQL Server Certificates):** Specifically targets SQL Server management, ensuring that certificates are properly bound to SQL Server instances. It includes configurations unique to SQL Server, such as the instance name and whether the SQL service should restart after certificate installation.
+
+Each Certificate Store Type differs in terms of its configuration parameters and the specific use-cases they address. IISU is more tailored for web server environments, whereas WinCert is used for broader Windows environments, and WinSql is focused on database server scenarios.
+
diff --git a/docsource/wincert.md b/docsource/wincert.md
diff --git a/docsource/winsql.md b/docsource/winsql.md