Merge 7996c48 into 735b717

.github/workflows/keyfactor-bootstrap-workflow.yml

@@ -0,0 +1,19 @@
+name: Keyfactor Bootstrap Workflow
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, closed, synchronize, edited, reopened]
+  push:
+  create:
+    branches:
+      - 'release-*.*'
+
+jobs:
+  call-starter-workflow:
+    uses: keyfactor/actions/.github/workflows/starter.yml@v2
+    secrets:
+      token: ${{ secrets.V2BUILDTOKEN}}
+      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
+      gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}

CHANGELOG.md

@@ -0,0 +1,6 @@
+- 1.0.1
+  - Switched order of cert/key submission
+  - additional logging
+
+- 1.0.0
+  - initial release

README.md

@@ -1,16 +1,23 @@
+
 # Orchestrator Extension for Alteon Load Balancer
 
 The Alteon Load Balancer integration allows you to manage certificates within the Alteon Load Balancer device.
 
-#### Integration status: Prototype - Demonstration quality. Not for use in customer environments.
+#### Integration status: Production - Ready for use in production environments.
+
+## About the Keyfactor Universal Orchestrator Extension
+
+This repository contains a Universal Orchestrator Extension which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications.
 
-## About the Keyfactor Universal Orchestrator Capability
+The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Extensions, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Extension see below in this readme.
 
-This repository contains a Universal Orchestrator Capability which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications.
+The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator.
 
-The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Capabilities, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Capability, see below in this readme.
+## Support for Orchestrator Extension for Alteon Load Balancer
+
+Orchestrator Extension for Alteon Load Balancer is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket via the Keyfactor Support Portal at https://support.keyfactor.com
 
-The Universal Orchestrator is the successor to the Windows Orchestrator. This Capability plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator.
+###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.
 
 
 
@@ -22,12 +29,12 @@ Orchestrator Extension for Alteon Load Balancer is supported by Keyfactor for Ke
 ___
 
 
-
 ---
 
 
+## Keyfactor Version Supported
 
-
+The minimum version of the Keyfactor Universal Orchestrator Framework needed to run this version of the extension is 10.4
 ## Platform Specific Notes
 
 The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running.
@@ -37,12 +44,10 @@ The Keyfactor Universal Orchestrator may be installed on either Windows or Linux
 |Supports Management Remove|✓ |✓ |
 |Supports Create Store|  |  |
 |Supports Discovery|  |  |
-|Supports Renrollment|  |  |
+|Supports Reenrollment|  |  |
 |Supports Inventory|✓ |✓ |
 
 
-
-
 ---
 
 
@@ -137,3 +142,6 @@ The steps to do this are:
 
 [Apache](https://apache.org/licenses/LICENSE-2.0)
 
+When creating cert store type manually, that store property names and entry parameter names are case sensitive
+
+

alteon-orchestrator.sln

@@ -1,12 +1,13 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.32413.511
+# Visual Studio Version 17
+VisualStudioVersion = 17.9.34902.65
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "alteon-orchestrator", "alteon-orchestrator\alteon-orchestrator.csproj", "{E3D51525-B1FB-4B14-B7AD-0430A8718DEE}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{583BA6E4-B528-45FE-B027-3ECE30FB7500}"
 	ProjectSection(SolutionItems) = preProject
+		CHANGELOG.md = CHANGELOG.md
 		integration-manifest.json = integration-manifest.json
 		readme_source.md = readme_source.md
 	EndProjectSection

alteon-orchestrator/AlteonLoadBalancerClient.cs

@@ -32,11 +32,11 @@ public AlteonLoadBalancerClient(string baseUrl, string username, string password
         {
             var options = new RestClientOptions(baseUrl)
             {
-                RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true
+                RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true,
+                Authenticator = new HttpBasicAuthenticator(username, password)
+
             };
             _restClient = new RestClient(options);
-
-            _restClient.Authenticator = new HttpBasicAuthenticator(username, password);
         }
 
         public async Task<CertificateTableEntryCollection> GetCertificates()
@@ -77,9 +77,14 @@ public async Task<CertificateTableEntryCollection> GetCertificatesById(string id
 
         public string GetCertificateContent(string certId)
         {
+            logger.MethodEntry();
             var request = new RestRequest(Endpoints.CertificateContent);
             request.AddQueryParameter("id", certId);
             request.AddQueryParameter("type", "srvcrt");
+            var fullUri = _restClient.BuildUri(request);
+
+            logger.LogTrace($"making request to get certificate to uri: {fullUri}");
+
             try
             {
                 var response = _restClient.DownloadData(request);
@@ -96,13 +101,16 @@ public string GetCertificateContent(string certId)
 
         public async Task AddCertificate(string alias, string pfxPassword, string certContents, string type)
         {
+            logger.MethodEntry();
             var request = new RestRequest(Endpoints.AddCertificate, Method.Post);
             request.AddQueryParameter("id", alias);
             request.AddQueryParameter("type", type);
             request.AddQueryParameter("passphrase", pfxPassword);
             request.AddQueryParameter("src", "txt");
 
             request.AddBody(certContents);
+            var fullUri = _restClient.BuildUri(request);
+            logger.LogTrace($"posting certificate to the uri {fullUri}");
 
             try
             {
@@ -117,10 +125,13 @@ public async Task AddCertificate(string alias, string pfxPassword, string certCo
                 logger.LogError(ex.Message, ex);
                 throw;
             }
+            logger.MethodExit();
         }
 
         internal async Task RemoveCertificate(string alias)
         {
+            logger.MethodEntry();
+
             var existing = (await GetCertificatesById(alias)).SlbNewSslCfgCertsTable;
             if (existing.Count == 0)
             {
@@ -132,7 +143,8 @@ internal async Task RemoveCertificate(string alias)
                 {
                     var url = $"{Endpoints.CertificateRepository}/{c.ID}/{c.Type}";
                     var request = new RestRequest(url, Method.Delete);
-
+                    var fullUri = _restClient.BuildUri(request);
+                    logger.LogTrace($"making request to remove certificate to uri {fullUri}");
                     var response = _restClient.DeleteAsync(request).Result;
 
                     if (!response.IsSuccessful)
@@ -146,6 +158,7 @@ internal async Task RemoveCertificate(string alias)
                 logger.LogError(ex.Message, ex);
                 throw;
             }
+            logger.MethodExit();
         }
     }
 }

alteon-orchestrator/Jobs/Management.cs

@@ -110,12 +110,16 @@ protected virtual async Task<JobResult> PerformAddition(string alias, string pfx
                 {
                     if (certType == AlteonCertTypes.CERTIFICATE_AND_KEY)
                     {
-                        // add key and cert separately.
-                        await aClient.AddCertificate(alias, pfxPassword, pemCert, AlteonCertTypes.CERT_ONLY);
+                        // add key and cert separately.  
+                        // this needs to be done in the following order: key, then cert (per Alteon support)                        
+                        logger.LogTrace($"adding key and then certificate for certificate with alias {alias}");
+
                         await aClient.AddCertificate(alias, pfxPassword, pemKey, AlteonCertTypes.KEY_ONLY);
+                        await aClient.AddCertificate(alias, pfxPassword, pemCert, AlteonCertTypes.CERT_ONLY);
                     }
                     else
                     {
+                        logger.LogTrace($"Adding certificate only for certificate with alias {alias}");
                         await aClient.AddCertificate(alias, pfxPassword, pemCert, certType);
                     }
                     complete.Result = OrchestratorJobStatusJobResult.Success;

alteon-orchestrator/alteon-orchestrator.csproj

@@ -20,7 +20,7 @@
     <PackageReference Include="Keyfactor.Orchestrators.IOrchestratorRegistrationUpdater" Version="1.0.3" />
     <PackageReference Include="NLog" Version="5.0.1" />
     <PackageReference Include="NLog.Extensions.Logging" Version="5.0.0" />
-    <PackageReference Include="RestSharp" Version="108.0.1" />
+    <PackageReference Include="RestSharp" Version="112.0.0" />
     <PackageReference Include="System.Linq" Version="4.3.0" />
   </ItemGroup>
 

integration-manifest.json

@@ -6,9 +6,12 @@
   "support_level": "kf-supported",
   "update_catalog": true,
   "link_github": true,
+  "release_dir": "alteon-orchestrator\\bin\\Release",
   "description": "The Alteon Load Balancer integration allows you to manage certificates within the Alteon Load Balancer device.",
   "about": {
     "orchestrator": {
+      "keyfactor_platform_version": "10.4",
+      "UOFramework": "10.4",
       "win": {
         "supportsCreateStore": false,
         "supportsDiscovery": false,