From 3ae46f9437eb4d18e7d0b9dbbb803366e48faf21 Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 31 Oct 2023 10:04:19 -0400 Subject: [PATCH 1/4] Updated Template install instructions --- readme_source.md | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/readme_source.md b/readme_source.md index 4a8a1fb..1771e70 100644 --- a/readme_source.md +++ b/readme_source.md @@ -137,12 +137,32 @@ the CA. Without the imported configuration, the service will fail to start. ### Template Installation -1) Command Server - Copy and Unzip the Template Setup Files located [Here](https://github.com/Keyfactor/hydrantid-cagateway/raw/main/TemplateSetup.zip) -2) Command Server - Change the Security Settings in the CaTemplateUserSecurity.csv file to the appropriate settings for Test or Production -3) Command Server - Run the CreateTemplate.ps1 file and choose option 1 to create the templates in active directory. - *Note if you get errors the URL to the API or Security is likely wrong. Make sure the API calls are run with an administrator user in KF Command* -4) Command Server - Use the Keyfactor Portal to Import the Templates created in Active Directory in step #3 above - *Note there are default values for the API Url, UserId, and Password. You will have to override the default API Questions to the appropriate values.* +The Template section will map the CA's products to an AD template. +* ```ProductID``` +This is the ID of the HydrantId product to map to the specified template. If you don't know the available product IDs in your Hydrant account, put a placeholder value here and run the Set-KeyfactorGatewayConfig cmdlet according to the AnyGateway documentation. The list of available product IDs will be returned. +* ```ValidityPeriod``` +REQUIRED: The period to use when requesting certs. It could be, Days, Months, Years depending on the Template. +* ```ValidityUnits``` +REQUIRED: The numeric value corresponding to the ValidityPeriod. For years 1 would be 1 year, for days 7 would be 7 days. + + ```json + "Templates": { + "AutoEnrollment - RSA": { + "ProductID": "AutoEnrollment - RSA", + "Parameters": { + "ValidityPeriod": "Years", + "ValidityUnits": 1 + } + }, + "AutoEnrollment - RSA - 7 Day": { + "ProductID": "AutoEnrollment - RSA - 7 Day", + "Parameters": { + "ValidityPeriod": "Days", + "ValidityUnits": 7 + } + } + } + ``` ### Certificate Authority Installation 1) Gateway Server - Start the Keyfactor Gateway Service From 5c670be21111730415d15f5d3b8d4abde4a230b7 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 31 Oct 2023 14:04:56 +0000 Subject: [PATCH 2/4] Update generated README --- README.md | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 199bd7f..70d0912 100644 --- a/README.md +++ b/README.md @@ -168,12 +168,32 @@ the CA. Without the imported configuration, the service will fail to start. ### Template Installation -1) Command Server - Copy and Unzip the Template Setup Files located [Here](https://github.com/Keyfactor/hydrantid-cagateway/raw/main/TemplateSetup.zip) -2) Command Server - Change the Security Settings in the CaTemplateUserSecurity.csv file to the appropriate settings for Test or Production -3) Command Server - Run the CreateTemplate.ps1 file and choose option 1 to create the templates in active directory. - *Note if you get errors the URL to the API or Security is likely wrong. Make sure the API calls are run with an administrator user in KF Command* -4) Command Server - Use the Keyfactor Portal to Import the Templates created in Active Directory in step #3 above - *Note there are default values for the API Url, UserId, and Password. You will have to override the default API Questions to the appropriate values.* +The Template section will map the CA's products to an AD template. +* ```ProductID``` +This is the ID of the HydrantId product to map to the specified template. If you don't know the available product IDs in your Hydrant account, put a placeholder value here and run the Set-KeyfactorGatewayConfig cmdlet according to the AnyGateway documentation. The list of available product IDs will be returned. +* ```ValidityPeriod``` +REQUIRED: The period to use when requesting certs. It could be, Days, Months, Years depending on the Template. +* ```ValidityUnits``` +REQUIRED: The numeric value corresponding to the ValidityPeriod. For years 1 would be 1 year, for days 7 would be 7 days. + + ```json + "Templates": { + "AutoEnrollment - RSA": { + "ProductID": "AutoEnrollment - RSA", + "Parameters": { + "ValidityPeriod": "Years", + "ValidityUnits": 1 + } + }, + "AutoEnrollment - RSA - 7 Day": { + "ProductID": "AutoEnrollment - RSA - 7 Day", + "Parameters": { + "ValidityPeriod": "Days", + "ValidityUnits": 7 + } + } + } + ``` ### Certificate Authority Installation 1) Gateway Server - Start the Keyfactor Gateway Service From acff4447fa9442d9a99e29eab1225074d110450b Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 31 Oct 2023 13:19:41 -0400 Subject: [PATCH 3/4] fixed package references --- HydrantIdProxy/src/HydrantIdProxy/HydrantIdProxy.csproj | 7 ++----- HydrantIdProxy/src/HydrantIdProxy/packages.config | 3 +++ 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/HydrantIdProxy/src/HydrantIdProxy/HydrantIdProxy.csproj b/HydrantIdProxy/src/HydrantIdProxy/HydrantIdProxy.csproj index c1646fa..3d26feb 100644 --- a/HydrantIdProxy/src/HydrantIdProxy/HydrantIdProxy.csproj +++ b/HydrantIdProxy/src/HydrantIdProxy/HydrantIdProxy.csproj @@ -30,8 +30,8 @@ 4 - - ..\..\packages\Portable.BouncyCastle.1.8.9\lib\net40\BouncyCastle.Crypto.dll + + ..\..\packages\BouncyCastle.1.8.5\lib\BouncyCastle.Crypto.dll ..\..\packages\Keyfactor.AnyGateway.SDK.21.3.2\lib\net462\CAProxy.AnyGateway.Core.dll @@ -60,9 +60,6 @@ ..\..\packages\HawkNet.1.4.4.0\lib\net45\HawkNet.dll - - ..\..\packages\JsonSubTypes.1.8.0\lib\net46\JsonSubTypes.dll - ..\..\packages\Newtonsoft.Json.12.0.3\lib\net45\Newtonsoft.Json.dll diff --git a/HydrantIdProxy/src/HydrantIdProxy/packages.config b/HydrantIdProxy/src/HydrantIdProxy/packages.config index 594601f..398501b 100644 --- a/HydrantIdProxy/src/HydrantIdProxy/packages.config +++ b/HydrantIdProxy/src/HydrantIdProxy/packages.config @@ -1,8 +1,11 @@  + + + From b6eccba42d3c1b7c716309729c549e510cff24ab Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Wed, 8 Nov 2023 16:55:39 +0000 Subject: [PATCH 4/4] Update generated README --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index d89abe2..d2d0dd9 100644 --- a/README.md +++ b/README.md @@ -195,7 +195,6 @@ REQUIRED: The numeric value corresponding to the ValidityPeriod. For years 1 wou } ``` ======= - ### Certificate Authority Installation 1) Gateway Server - Start the Keyfactor Gateway Service 2) Run the set Gateway command similar to below