2.4.4

Fix an issue with WinRM parameters when migrating Legacy IIS Stores to the WinCert type
Fix an issue with "Delete" script in the Legacy IIS Migration that did not remove some records from dependent tables

2.4.3

2.4.2

Correct false positive error when completing an IIS inventory job.
Revert to specifying the version of PowerShell to use when establishing a local PowerShell Runspace.
Fixed typo in error message.

2.4.1

Modified the CertUtil logic to use the -addstore argument when no password is sent with the certificate information.
Added additional error trapping and trace logs

2.4.0

Changed the way certificates are added to cert stores. CertUtil is now used to import the PFX certificate into the associated store. The CSP is now considered when maintaining certificates, empty CSP values will result in using the machines default CSP.
Added the Crypto Service Provider and SAN Entry Parameters to be used on Inventory queries, Adding and ReEnrollments for the WinCert, WinSQL and IISU extensions.
Changed how Client Machine Names are handled when a 'localhost' connection is desired. The new naming convention is: {machineName}|localmachine. This will eliminate the issue of unique naming conflicts.
Updated the manifest.json to now include WinSQL ReEnrollment.
Updated the integration-manifest.json file for new fields in cert store types.

2.3.2

2.3.1

Added additional error trapping for WinRM connections to allow actual error on failure.

2.3.0

2.2.2

Removed empty constructor to resolve PAM provider error when using WinCert store types

2.2.1

2.2.0

Added Support for GMSA Account by using no value for ServerUsernanme and ServerPassword. KF Command version 10.2 or later is required to specify empty credentials.
Added local PowerShell support, triggered when specifying 'localhost' as the client machine while using the IISU or WinCert Orchestrator. This change was tested using KF Command 10.3
Moved to .NET 6

2.1.1

Fixed the missing site name error when issuing a WinCert job when writing trace log settings to the log file.
Several display names changed in the documented certificate store type definitions. There are no changes to the internal type or parameter names, so no migration is necessary for currently configured stores.
- Display name for IISU changed to "IIS Bound Certificate".
- Display name for WinCert changed to "Windows Certificate".
- Display names for several Store and Entry parameters changed to be more descriptive and UI friendly.
Significant readme cleanup

2.1.0

Fixed issue that was occurring during renewal when there were bindings outside of http and https like net.tcp
Added PAM registration/initialization documentation in README.md
Resolved Null HostName error
Added WinCert Cert Store Type
Added custom property parser to not show any passwords
Removed any password references in trace logs and output settings in JSON format

2.0.0

Add support for reenrollment jobs (On Device Key Generation) with the ability to specify a cryptographic provider. Specification of cryptographic provider allows HSM (Hardware Security Module) use.
Local PAM Support added (requires Universal Orchestrator Framework version 10.1)
Certificate store type changed from IISBin to IISU. See README for migration notes.

1.1.3

1.1.0

1.0.3

Add support for the SNI Flags when creating new bindings. Supported flags include:
- 0 No SNI
- 1 SNI Enabled
- 2 Non SNI binding which uses Central Certificate Store
- 3 SNI binding which uses Central Certificate Store
Last release to support Windows Orchestrator (KF8)

1.0.2

Remove dependence on Windows.Web.Administration on the orchestrator server. The agent will now use the local version on the managed server via remote powershell
add support for the IncludePortInSPN flag
add support to use credentials from Keyfactor for Add/Remove/Inventory jobs.

Provide feedback

Saved searches