diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index 6d8de53..729a5a2 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -11,9 +11,10 @@ on: jobs: call-starter-workflow: - uses: keyfactor/actions/.github/workflows/starter.yml@v2 + uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2-rc.0 secrets: token: ${{ secrets.V2BUILDTOKEN}} APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}} gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }} gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }} + scan_token: ${{ secrets.SAST_TOKEN }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 46bc5f0..73d6f8f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +2.2.0 +* Removed the ability to manage certificate/key file combinations uploaded but not yet installed on the Citrix ADC device. This was done due to issues centered around inconsistent naming of uploaded certificate and key files. From this release forward only installed certificate objects will be managed by this orchestrator extension. +* Modify process for renewing certificates to create new certificate/key files instead of deleting/re-adding existing so that no sub second outage occurs +* Modify process for linking certificates to existing issuing CA certificate to match all possible linkages +* Modify process for linking certificates to handle renewals of prior linked certificate when a new issuing certificate is used for the renewed certificate +* Modify README to use doctool + +2.1.2 +* Fix bug identifying private key entry when certificate and key file names differ + 2.1.1 * Fix issue identifying whether inventoried certificate contains a private key. * Renewing Unbound Certificates Causes The Job To Fail diff --git a/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs b/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs index be56c46..4fc6c2a 100644 --- a/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs +++ b/CitrixAdcOrchestratorJobExtension/CitrixAdcStore.cs @@ -31,10 +31,8 @@ using Microsoft.Extensions.Logging; using Newtonsoft.Json; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.OpenSsl; using Org.BouncyCastle.Pkcs; -using Org.BouncyCastle.Security; namespace Keyfactor.Extensions.Orchestrator.CitricAdc { @@ -60,10 +58,10 @@ public CitrixAdcStore(InventoryJobConfiguration config, string serverUserName, s try { Logger = LogHandler.GetClassLogger(); - Logger.LogDebug( - "Begin CitrixAdcStore(InventoryJobConfiguration config) : this((JobConfiguration) config) Constructor..."); + Logger.MethodEntry(LogLevel.Debug); + _clientMachine = config.CertificateStoreDetails.ClientMachine; - StorePath = config.CertificateStoreDetails.StorePath; + StorePath = StripTrailingSlash(config.CertificateStoreDetails.StorePath); var o = new systemfile_args(); _useSsl = config.UseSSL; _username = serverUserName; @@ -82,6 +80,10 @@ public CitrixAdcStore(InventoryJobConfiguration config, string serverUserName, s $"Error Occured in CitrixAdcStore(InventoryJobConfiguration config) : this((JobConfiguration) config): {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } public CitrixAdcStore(ManagementJobConfiguration config, string serverUserName, string serverPassword) @@ -89,10 +91,10 @@ public CitrixAdcStore(ManagementJobConfiguration config, string serverUserName, try { Logger = LogHandler.GetClassLogger(); - Logger.LogDebug( - "Begin CitrixAdcStore(ManagementJobConfiguration config) : this((JobConfiguration) config) Constructor..."); + Logger.MethodEntry(LogLevel.Debug); + _clientMachine = config.CertificateStoreDetails.ClientMachine; - StorePath = config.CertificateStoreDetails.StorePath; + StorePath = StripTrailingSlash(config.CertificateStoreDetails.StorePath); _useSsl = config.UseSSL; _username = serverUserName; _password = serverPassword; @@ -111,6 +113,10 @@ public CitrixAdcStore(ManagementJobConfiguration config, string serverUserName, $"Error Occured in CitrixAdcStore(ManagementJobConfiguration config) : this((JobConfiguration) config): {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } // ReSharper disable once UnusedAutoPropertyAccessor.Local @@ -118,7 +124,7 @@ public CitrixAdcStore(ManagementJobConfiguration config, string serverUserName, public void Login() { - Logger.LogDebug("Entering CitrixAdcStore Login Method..."); + Logger.MethodEntry(LogLevel.Debug); _nss ??= new nitro_service(_clientMachine, _useSsl ? "https" : "http"); base_response response = null; try @@ -133,17 +139,17 @@ public void Login() } finally { + Logger.MethodExit(LogLevel.Debug); if (response != null && !_nss.isLogin()) throw new Exception(response.message); } - - Logger.LogDebug("Exiting CitrixAdcStore Login Method..."); } public bool Logout() { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering Logout Method..."); _nss.logout(); } catch (Exception e) @@ -152,15 +158,17 @@ public bool Logout() return false; } - Logger.LogDebug("Exiting Logout Method..."); + Logger.MethodExit(LogLevel.Debug); return true; } public sslcertkey_binding GetBinding(string certKey) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug($"Entering and Exiting GetBinding Method... CertKey={certKey}"); + Logger.LogDebug($"CertKey={certKey}"); return sslcertkey_binding.get(_nss, certKey); } catch (Exception e) @@ -168,158 +176,75 @@ public sslcertkey_binding GetBinding(string certKey) Logger.LogError($"Error in GetBinding(): {LogHandler.FlattenException(e)}"); return null; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } public sslcertkey GetKeyPairByName(string name) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering and Exiting ListKeyPairs() Method..."); return sslcertkey.get(_nss, name); } catch (Exception e) { - Logger.LogError($"Error in ListKeyPairs(): {LogHandler.FlattenException(e)}"); + Logger.LogError($"Error in GetKeyPairName(): {LogHandler.FlattenException(e)}"); throw; } - } - - public sslcertkey[] ListKeyPairs() - { - try - { - Logger.LogDebug("Entering and Exiting ListKeyPairs() Method..."); - return sslcertkey.get(_nss); - } - catch (Exception e) + finally { - Logger.LogError($"Error in ListKeyPairs(): {LogHandler.FlattenException(e)}"); - throw; + Logger.MethodExit(LogLevel.Debug); } } - public systemfile[] ListFiles() + public sslcertkey[] GetCertificates() { - try - { - Logger.LogDebug("Entering and Exiting ListFiles() Method..."); - return systemfile.get(_nss, nitroServiceOptions); - } - catch (Exception e) - { - Logger.LogError($"Error in ListFiles(): {LogHandler.FlattenException(e)}"); - throw; - } - } + Logger.MethodEntry(LogLevel.Debug); - public (systemfile pemFile, systemfile privateKeyFile) UploadCertificate(string contents, string pwd, - string alias, bool overwrite) - { try { - Logger.LogDebug("Entering UploadCertificate() Method..."); - var (pemFile, privateKeyFile) = GetPem(contents, pwd, alias); - - Logger.LogTrace("Starting UploadFile(pemFile,overwrite) call"); - //upload certificate - UploadFile(pemFile, overwrite); - Logger.LogTrace("Finishing UploadFile(pemFile,overwrite) call"); - - - //upload private key - if (privateKeyFile != null) - { - Logger.LogTrace("PrivateKeyFile is not null so uploading private key"); - //we default overwrite private key as certificate upload has already succeeded and this file needs to be in sync - UploadFile(privateKeyFile, true); - Logger.LogTrace("Finished Uploading Private Key"); - } - - return (pemFile, privateKeyFile); + return sslcertkey.get(_nss); } catch (Exception e) { - Logger.LogError($"Error in UploadCertificate(): {LogHandler.FlattenException(e)}"); + Logger.LogError($"Error in ListKeyPairs(): {LogHandler.FlattenException(e)}"); throw; } - } - - private void UploadFile(systemfile f, bool overwrite) - { - Logger.LogDebug("Entering UploadFile() Method..."); - try + finally { - Logger.LogDebug($"File Content: {JsonConvert.SerializeObject(f)}"); - Logger.LogTrace("Trying to add File"); - var _ = systemfile.add(_nss, f); - Logger.LogTrace("File Added"); - } - catch (nitro_exception ne) - { - Logger.LogTrace($"Nitro Exception Occured {ne.Message}"); - // ReSharper disable once SuspiciousTypeConversion.Global - if ((ne.HResult.Equals(0x80131500) || ne.Message.Contains("File already exists")) - && overwrite) - { - var fOld = new systemfile - { - filename = f.filename, - filelocation = f.filelocation - }; - Logger.LogDebug($"Old File Content: {JsonConvert.SerializeObject(fOld)}"); - systemfile.delete(_nss, fOld); - systemfile.add(_nss, f); - } - else - { - Logger.LogError("Unexpected Nitro Error Occurred"); - throw; - } + Logger.MethodExit(LogLevel.Debug); } } - public base_response DeleteFile(string alias) + public systemfile[] ListFiles() { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering DeleteFile(string contents, string alias) Method..."); - Logger.LogTrace($"alias: {alias} storePath: {StorePath}"); - var f = new systemfile - { - filename = alias, - filelocation = StorePath - }; - Logger.LogDebug("Exiting DeleteFile() Method..."); - return DeleteFile(f); + return systemfile.get(_nss, nitroServiceOptions); } catch (Exception e) { - Logger.LogError( - $"Error Occurred in DeleteFile(string contents, string alias): {LogHandler.FlattenException(e)}"); + Logger.LogError($"Error in ListFiles(): {LogHandler.FlattenException(e)}"); throw; } - } - - private base_response DeleteFile(systemfile f) - { - try - { - Logger.LogDebug("Entering and Exiting DeleteFile() Method..."); - Logger.LogTrace($"Deleting certificate at {f.filelocation}/{f.filename}"); - return systemfile.delete(_nss, f); - } - catch (Exception e) + finally { - Logger.LogError($"Error Occurred in DeleteFile(): {LogHandler.FlattenException(e)}"); - throw; + Logger.MethodExit(LogLevel.Debug); } } public base_response DeleteKeyPair(sslcertkey f) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering and Exiting DeleteFile() Method..."); Logger.LogTrace($"Deleting certificate at {f}"); return sslcertkey.delete(_nss, f); } @@ -328,14 +253,19 @@ public base_response DeleteKeyPair(sslcertkey f) Logger.LogError($"Error Occurred in DeleteFile(): {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } public string FindKeyPairByCertPath(string certPath) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering FindKeyPairByCertPath(string certPath) Method..."); Logger.LogTrace($"certPath: {certPath}"); var filters = new filtervalue[1]; filters[0] = new filtervalue("cert", certPath); @@ -351,135 +281,67 @@ public string FindKeyPairByCertPath(string certPath) $"Error Occurred in FindKeyPairByCertPath(string certPath): {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } - private string UpdateKeyPair(string keyPairName, string certPath, string keyPath) + public void UpdateKeyPair(string keyPairName, string certFileName, string keyFileName) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug( - "Entering UpdateKeyPair(string keyPairName, string certPath, string keyPath) Method..."); - Logger.LogTrace($"keyPairName: {keyPairName} certPath:{certPath} keyPath{keyPath}"); + Logger.LogTrace($"keyPairName: {keyPairName} certFileName:{certFileName} keyFileName{keyFileName}"); + + sslcertkey certKeyObject = new sslcertkey() + { + certkey = keyPairName, + cert = certFileName, + key = keyFileName, + inform = "PEM", + nodomaincheck = true, + passplain = "0", + password = false + }; + var filters = new filtervalue[1]; filters[0] = new filtervalue("certKey", keyPairName); - Logger.LogTrace($"Checking to see if existing certificate-key pair exists with name {keyPairName}"); var count = sslcertkey.count_filtered(_nss, filters); - Logger.LogTrace($"Count of certkey with {keyPairName}: {count}"); if (count > 0) { - var result = new sslcertkey - { - certkey = keyPairName, - cert = certPath - }; - - Logger.LogTrace($"result: {JsonConvert.SerializeObject(result)}"); - keyPath = certPath + ".key"; - Logger.LogTrace($"keyPath: {keyPath}"); + Logger.LogTrace($"Updating certificate-key pair with name {keyPairName}"); - //Existing keypair exists - result.key = keyPath; - result.inform = "PEM"; - result.nodomaincheck = true; + base_response updResponse = sslcertkey.update(_nss, certKeyObject); + Logger.LogDebug($"sslcertkey.update: ## Error Code ##: {updResponse.errorcode} ## Message ##: {updResponse.message}"); - Logger.LogTrace($"Updating certificate-key pair with name {keyPairName}"); - var _ = sslcertkey.change(_nss, result); - var unused = sslcertkey.update(_nss, result); + base_response chgResponse = sslcertkey.change(_nss, certKeyObject); + Logger.LogDebug($"sslcertkey.change: ## Error Code ##: {chgResponse.errorcode} ## Message ##: {chgResponse.message}"); } else { - var s = new sslcertkey - { - certkey = keyPairName, - cert = certPath - }; - if (keyPath != null) - { - s.key = keyPath; - s.password = false; - s.passplain = "0"; // Unused, but required, dummy variable - } - Logger.LogTrace($"Adding certificate-key pair with name {keyPairName}"); - sslcertkey.add(_nss, s); - Logger.LogTrace($"Finished Adding certificate-key pair with name {keyPairName}"); + sslcertkey.add(_nss, certKeyObject); } } catch (nitro_exception ne) { - Logger.LogError($"Exception occured while trying to add or update {keyPairName}"); - if ((((uint)ne.HResult).Equals(0x80138500) || ((uint)ne.HResult).Equals(0x80131500)) && - ne.Message.Contains("Resource already exists")) - { - if (ne.Message.Contains("certkeyName Contents,")) - { - var start = ne.Message.IndexOf("Contents, ", StringComparison.Ordinal) + "Contents, ".Length; - var end = ne.Message.IndexOf(']', start); - keyPairName = ne.Message.Substring(start, end - start); - Logger.LogError($"Certificate keypair already existed on as {keyPairName}"); - } - } - else - { - throw; - } - } - - Logger.LogDebug("Exiting UpdateKeyPair(string keyPairName, string certPath, string keyPath) Method..."); - return keyPairName; - } - - public string UpdateKeyPair(string alias, string keyPairName, systemfile pemFile, systemfile privateKey) - { - try - { - Logger.LogDebug( - "Entering UpdateKeyPair(string alias, string keyPairName, systemfile pemFile, systemfile privateKey) Method..."); - Logger.LogTrace($"alias: {alias} keyPairName: {keyPairName}"); - - var certPath = StorePath + "/" + keyPairName; - Logger.LogTrace($"certPath: {certPath}"); - - //see if keypair already exists, if it does then we have to generate a new name to prevent downtime - Logger.LogTrace($"keyPairName: {keyPairName} certPath:{certPath} checking if already exists."); - - if (string.IsNullOrWhiteSpace(keyPairName)) - { - Logger.LogTrace("string.IsNullOrWhiteSpace(keyPairName) is True"); - var existingKeyPair = FindKeyPairByCertPath(certPath); - Logger.LogTrace($"existingKeyPair: {existingKeyPair}"); - if (existingKeyPair != null) - { - Logger.LogTrace($"existingKeyPair not Null: {existingKeyPair}"); - keyPairName = existingKeyPair; - } - else - { - keyPairName = GenerateKeyPairName(alias); - } - } - - string keyPath = null; - if (privateKey != null) keyPath = StorePath + "/" + alias + ".key"; - Logger.LogTrace($"keyPath: {keyPath}"); - Logger.LogDebug( - "Exiting UpdateKeyPair(string alias, string keyPairName, systemfile pemFile, systemfile privateKey) Method..."); - return UpdateKeyPair(keyPairName, certPath, keyPath); - } - catch (Exception e) - { - Logger.LogError( - $"Error Occurred in UpdateKeyPair(string alias, string keyPairName, systemfile pemFile, systemfile privateKey): {LogHandler.FlattenException(e)}"); + Logger.LogError($"Exception occured while trying to add or update {keyPairName}. {LogHandler.FlattenException(ne)}"); throw; } + + Logger.MethodExit(LogLevel.Debug); } public sslvserver_sslcertkey_binding[] GetBindingByVServer(string vServerName) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug($"Entering and Exiting GetBindingByVServerKey Method... vServerName={vServerName}"); + Logger.LogDebug($"vServerName={vServerName}"); return sslvserver_sslcertkey_binding.get(_nss, vServerName); } catch (Exception e) @@ -487,10 +349,16 @@ public sslvserver_sslcertkey_binding[] GetBindingByVServer(string vServerName) Logger.LogError($"Error in GetBinding(): {LogHandler.FlattenException(e)}"); return null; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } private string GenerateKeyPairName(string alias) { + Logger.MethodEntry(LogLevel.Debug); + if (alias == alias.Substring(0, Math.Min(40, alias.Length))) alias = alias.Substring(0, Math.Min(40, alias.Length)); else @@ -498,84 +366,124 @@ private string GenerateKeyPairName(string alias) Logger.LogTrace($"keyPairName: {alias}"); + Logger.MethodExit(LogLevel.Debug); + return alias; } - public void UpdateBindings(string keyPairName, string virtualServerName, string sniCert) + public void UpdateBindings(string keyPairName, List virtualServerNames, List sniCerts) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Enter UpdateBindings(string keyPairName, string virtualServerName)"); - + if (virtualServerNames.Count != sniCerts.Count) + { + Logger.LogError($"Error attempting to perform binding. Mismatched number of virtual server names ({virtualServerNames.Count.ToString()} and SNI values {sniCerts.Count.ToString()}. Certificate added, but binding not performed."); + return; + } - var sniArray = sniCert.Split(','); + var i = 0; - if (!string.IsNullOrWhiteSpace(virtualServerName)) + foreach (string vsName in virtualServerNames) { - var i = 0; - foreach (var vsName in virtualServerName.Split(",")) + bool sniBool = Convert.ToBoolean(sniCerts[virtualServerNames.IndexOf(vsName)]); + Logger.LogTrace($"Updating binding for {vsName}"); + var ssb = new sslvserver_sslcertkey_binding { - var sniBool = false; - if (!string.IsNullOrEmpty(sniCert) && - (sniArray[i].ToUpper() == "TRUE" || sniArray[i].ToUpper() == "FALSE")) - sniBool = Convert.ToBoolean(sniArray[i]); - - Logger.LogTrace($"Updating bindings for {virtualServerName}"); - //bind key-pair to vserver - var ssb = new sslvserver_sslcertkey_binding - { - certkeyname = keyPairName, - vservername = vsName, - snicert = sniBool - }; - Logger.LogTrace($"Adding binding {keyPairName} for virtual server {virtualServerName}"); - - //Citrix Requires you do delete first when SNI with same domain or you will get a duplicate domain error - var filters = new filtervalue[1]; - filters[0] = new filtervalue("certKeyName", keyPairName); - if (sniBool && sslvserver_sslcertkey_binding.count_filtered(_nss, vsName, filters) > 0) - sslvserver_sslcertkey_binding.delete(_nss, ssb); - sslvserver_sslcertkey_binding.add(_nss, ssb); - - i++; - Logger.LogDebug("Exit UpdateBindings(string keyPairName, string virtualServerName)"); + certkeyname = keyPairName, + vservername = vsName, + snicert = sniBool + }; + Logger.LogTrace($"Adding binding {keyPairName} for virtual server {vsName} and sni {sniBool.ToString()}"); + + //Citrix Requires you do delete first when SNI with same domain or you will get a duplicate domain error + var filters = new filtervalue[1]; + filters[0] = new filtervalue("certKeyName", keyPairName); + if (sniBool && sslvserver_sslcertkey_binding.count_filtered(_nss, vsName, filters) > 0) + { + Logger.LogTrace($"Removing binding for virtual server {vsName} and sni {sniBool.ToString()}"); + base_response response = sslvserver_sslcertkey_binding.delete(_nss, ssb); + Logger.LogTrace($"Removing binding results: ErrorCode: {response.errorcode}, Message: {response.message}"); } + sslvserver_sslcertkey_binding.add(_nss, ssb); + + i++; } } catch (Exception e) { Logger.LogError( - $"Error Occurred in UpdateBindings(string keyPairName, string virtualServerName): {LogHandler.FlattenException(e)}"); + $"Error Occurred in UpdateBindings: {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } public void LinkToIssuer(string cert, string privateKeyPassword, string keyPairName) { + Logger.MethodEntry(LogLevel.Debug); + sslcertificatechain chain = sslcertificatechain.get(_nss, keyPairName); + sslcertkey certKey = sslcertkey.get(_nss, keyPairName); + + X509Certificate2Collection x509CertCollection = new X509Certificate2Collection(); + x509CertCollection.Import(Convert.FromBase64String(cert), privateKeyPassword, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet); + + X509Certificate2 issuingCert = x509CertCollection.First(r => r.Subject == (x509CertCollection.First(p => p.HasPrivateKey).Issuer)); + if (chain.chaincomplete == 1) { - Logger.LogDebug($"Certificate {keyPairName} already linked to {chain.chainlinked}"); - return; + foreach (string chainCertAlias in chain.chainlinked) + { + X509Certificate2 x509ChainCert = GetX509Certificate(GetKeyPairByName(chainCertAlias)); + if (x509ChainCert.Thumbprint == issuingCert.Thumbprint) + { + return; + } + } } - if (chain.chainpossiblelinks == null || string.IsNullOrEmpty(chain.chainpossiblelinks[0]) || chain.chainpossiblelinks.Length == 0) + if (chain.chainpossiblelinks == null || chain.chainpossiblelinks.Length == 0) { string msg = $"Certificate added, but link not performed. No Issuing CA Certificate exists for {keyPairName}."; Logger.LogWarning(msg); throw new LinkException(msg); } - - sslcertkey certKey = sslcertkey.get(_nss, keyPairName); - certKey.linkcertkeyname = chain.chainpossiblelinks[0]; + + string chainCertName = string.Empty; + foreach (string chainCertAlias in chain.chainpossiblelinks) + { + X509Certificate2 x509ChainCert = GetX509Certificate(GetKeyPairByName(chainCertAlias)); + if (x509ChainCert.Thumbprint == issuingCert.Thumbprint) + { + chainCertName = chainCertAlias; + break; + } + } + + if (chainCertName == string.Empty) + { + string errMsg = "Issuing certificate not found in Citrix. Link not performed."; + Logger.LogWarning(errMsg); + throw new LinkException(errMsg); + } + + certKey.linkcertkeyname = chainCertName; sslcertkey.link(_nss, certKey); + + Logger.MethodExit(LogLevel.Debug); } - private (byte[], byte[]) GetPemFromPfx(byte[] pfxBytes, char[] pfxPassword) + private (string, string) GetPemFromPfx(byte[] pfxBytes, char[] pfxPassword) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering GetPemFromPfx(byte[] pfxBytes, char[] pfxPassword)"); var p = new Pkcs12Store(new MemoryStream(pfxBytes), pfxPassword); // Extract private key @@ -610,8 +518,7 @@ string Pemify(string ss) var certPem = certStart + Pemify(Convert.ToBase64String(p.GetCertificate(alias).Certificate.GetEncoded())) + certEnd; - Logger.LogDebug("Exiting GetPemFromPfx(byte[] pfxBytes, char[] pfxPassword)"); - return (Encoding.ASCII.GetBytes(certPem), Encoding.ASCII.GetBytes(privateKeyString)); + return (certPem, privateKeyString); } catch (Exception e) { @@ -619,177 +526,76 @@ string Pemify(string ss) $"Error Occurred in GetPemFromPfx(byte[] pfxBytes, char[] pfxPassword): {LogHandler.FlattenException(e)}"); throw; } - } - - private (systemfile, systemfile) GetPem(string contents, string pwd, string alias) - { - try + finally { - Logger.LogDebug("Entering GetPem(string contents, string pwd, string alias)"); - var pemFile = new systemfile(); - systemfile privateKeyFile = null; - - if (!string.IsNullOrWhiteSpace(pwd)) // PFX Entry - { - // Load PFX - var pfxBytes = Convert.FromBase64String(contents); - var (certPem, privateKey) = GetPemFromPfx(pfxBytes, pwd.ToCharArray()); - - // create private key file - privateKeyFile = new systemfile - { - filecontent = Convert.ToBase64String(privateKey), - filename = alias + ".key", - filelocation = StorePath - }; - - // set pem file from cert in pfx - pemFile.filecontent = Convert.ToBase64String(certPem); - } - else - { - pemFile.filecontent = contents; - } - - pemFile.filename = alias; - pemFile.filelocation = StorePath; - Logger.LogDebug("Exiting GetPem(string contents, string pwd, string alias)"); - - return (pemFile, privateKeyFile); - } - catch (Exception e) - { - Logger.LogError( - $"Error Occurred in GetPem(string contents, string pwd, string alias): {LogHandler.FlattenException(e)}"); - throw; + Logger.MethodExit(LogLevel.Debug); } } - public X509Certificate2 GetX509Certificate(string fileLocation, out bool hasKey) + public X509Certificate2 GetX509Certificate(sslcertkey certificate) { - Logger.LogDebug("Entering GetX509Certificate(string fileLocation, out bool hasKey)"); - systemfile f; - string[] privateKeyDelims = new string[3] { "-----BEGIN RSA PRIVATE KEY-----", "-----BEGIN PRIVATE KEY-----", "-----BEGIN ENCRYPTED PRIVATE KEY-----" }; + Logger.MethodEntry(LogLevel.Debug); string certString = null; - string keyString = null; + X509Certificate2 x509Cert = null; try { - Logger.LogTrace($"Trying GetSystemFile(fileLocation): {fileLocation}"); - f = GetSystemFile(fileLocation); - Logger.LogTrace($"Finished GetSystemFile(fileLocation): {fileLocation}"); - } - catch - { - Logger.LogError("Error Occurred in GetSystemFile(fileLocation)"); - hasKey = false; - return null; - } + Logger.LogTrace($"Trying GetSystemFile(fileLocation): {certificate.cert}"); + systemfile f = GetSystemFile(certificate.cert); + Logger.LogTrace($"Finished GetSystemFile(fileLocation): {certificate.cert}"); - //Ignore Directories - if (f.filemode != null && f.filemode[0].ToUpper() == "DIRECTORY") - { - hasKey = false; - return null; - } - - // Determine if it's a cert - X509Certificate2 x = null; - try - { var b = Convert.FromBase64String(f.filecontent); var fileString = Encoding.Default.GetString(b); - // Check if private key is included with certificate - var privateKeyIdx = -1; - foreach(string privateKeyDelim in privateKeyDelims) - { - if (fileString.IndexOf(privateKeyDelim, StringComparison.Ordinal) >= 0) - privateKeyIdx = Array.IndexOf(privateKeyDelims, privateKeyDelim); - } - - var containsCert = fileString.IndexOf("-----BEGIN CERTIFICATE-----", StringComparison.Ordinal) >= 0; + string endDelim = "-----END CERTIFICATE-----"; + int startIdx = fileString.IndexOf("-----BEGIN CERTIFICATE-----", StringComparison.Ordinal); + int endIdx = fileString.IndexOf(endDelim, StringComparison.Ordinal); - Logger.LogTrace($"containsKey: {privateKeyIdx > -1} containsCert: {containsCert}"); - - if (containsCert && privateKeyIdx > -1) + if (startIdx == -1 || endIdx == -1) { - Logger.LogTrace($"File contains certificate and key: {fileLocation}"); - - var keyStart = fileString.IndexOf(privateKeyDelims[privateKeyIdx], StringComparison.Ordinal); - var keyEnd = fileString.IndexOf(privateKeyDelims[privateKeyIdx].Replace("BEGIN","END"), StringComparison.Ordinal) + - privateKeyDelims[privateKeyIdx].Replace("BEGIN", "END").Length; - - // check if need to remove new line - keyString = fileString.Substring(keyStart, keyEnd - keyStart); - certString = fileString.Remove(keyStart, keyEnd - keyStart); - } - else if (containsCert) - { - Logger.LogTrace("containsCert"); - certString = fileString; - // check .key file - try - { - var fileNameWithoutExtension = fileLocation; - if (fileLocation.EndsWith(".crt",StringComparison.CurrentCultureIgnoreCase) || fileLocation.EndsWith(".pem", StringComparison.CurrentCultureIgnoreCase) || fileLocation.EndsWith(".pfx", StringComparison.CurrentCultureIgnoreCase) || fileLocation.EndsWith(".cert", StringComparison.CurrentCultureIgnoreCase) || fileLocation.EndsWith(".der", StringComparison.CurrentCultureIgnoreCase)) - { - fileNameWithoutExtension = Path.GetFileNameWithoutExtension(fileLocation); - } - var keyFile = GetSystemFile(fileNameWithoutExtension + ".key"); - keyString = Encoding.UTF8.GetString(Convert.FromBase64String(keyFile.filecontent)); - } - catch (Exception e) - { - Logger.LogError("Unable to evaluate private key - " + LogHandler.FlattenException(e)); - } + Logger.LogWarning($"Certificate {certificate.certkey} does not contain a valid PEM formatted certificate"); } + certString = fileString.Substring(startIdx, endIdx - startIdx + endDelim.Length); + if (certString == null) { - hasKey = false; return null; } try { - x = ReadX509Certificate(certString); + x509Cert = ReadX509Certificate(certString); } catch (Exception e) { - // Not a certificate file - Logger.LogError($"Error reading x509Certificate at {fileLocation}"); - Logger.LogError(LogHandler.FlattenException(e)); - hasKey = false; + Logger.LogError($"Error reading converting {certificate.certkey} to X509 certificate format: {LogHandler.FlattenException(e)}"); return null; } - - hasKey = !string.IsNullOrEmpty(keyString); } catch (Exception e) { // Not a certificate file - Logger.LogError($"{fileLocation} is not a certificate"); - Logger.LogError(LogHandler.FlattenException(e)); - hasKey = false; + Logger.LogError($"Error reading/processing certificate {certificate.certkey}: {LogHandler.FlattenException(e)}"); } - Logger.LogDebug("Exiting GetX509Certificate(string fileLocation, out bool hasKey)"); - return x; + Logger.MethodExit(LogLevel.Debug); + return x509Cert; } private systemfile GetSystemFile(string fileName) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering GetSystemFile(string fileName)"); var option = new systemfile_args(); Logger.LogTrace($"urlPath: {StorePath} fileName:{fileName}"); //option.set_args($"filelocation:{urlPath},filename:{fileName}"); option.filelocation = StorePath; - var f = new systemfile { filelocation = StorePath, filename = fileName }; + var f = new systemfile { filelocation = StorePath, filename = fileName.Substring(fileName.LastIndexOf("/") + 1) }; var result = systemfile.get(_nss, f); Logger.LogDebug("Exiting GetSystemFile(string fileName)"); return result; @@ -799,10 +605,123 @@ private systemfile GetSystemFile(string fileName) Logger.LogError($"Error Occurred in GetSystemFile(string fileName): {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } - public bool IsDuplicateCertificate(string alias) + public (systemfile pemFile, systemfile privateKeyFile) UploadCertificate(string contents, string pwd, + string alias, bool overwrite) { + Logger.MethodEntry(LogLevel.Debug); + + try + { + var (certificate, privateKey) = GetPemFromPfx(Convert.FromBase64String(contents), pwd.ToCharArray()); + + //upload certificate and key + systemfile certificateFile = UploadFile(alias, certificate, true, 0); + systemfile privateKeyFile = UploadFile(alias, privateKey, false, 0); + + return (certificateFile, privateKeyFile); + } + catch (Exception e) + { + Logger.LogError($"Error in UploadCertificate(): {LogHandler.FlattenException(e)}"); + throw; + } + finally + { + Logger.MethodExit(LogLevel.Debug); + } + } + + private systemfile UploadFile(string alias, string contents, bool isCertificate, int fileNameSuffix) + { + Logger.LogDebug("Entering UploadFile() Method..."); + + if (fileNameSuffix > 50) + { + string errMessage = $"Too many attempts (50) to upload file for {alias}"; + Logger.LogError(errMessage); + throw new Exception(errMessage); + } + + string fileNameSuffixString = fileNameSuffix == 0 ? string.Empty : fileNameSuffix.ToString(); + string fileName = alias + fileNameSuffixString + (isCertificate ? string.Empty : ".key"); + + systemfile file = new systemfile() + { + filecontent = Convert.ToBase64String(Encoding.ASCII.GetBytes(contents)), + filelocation = StorePath, + filename = fileName + }; + + try + { + Logger.LogTrace($"Attempting to upload file {file.filelocation}/{file.filename}"); + var _ = systemfile.add(_nss, file); + Logger.LogTrace($"File {file.filename} added for {alias}"); + } + catch (nitro_exception ne) + { + // ReSharper disable once SuspiciousTypeConversion.Global + if ((ne.HResult.Equals(0x80131500) || ne.Message.Contains("File already exists"))) + { + Logger.LogTrace($"File {file.filename} already exists. Trying again with new name."); + file = UploadFile(alias, contents, isCertificate, fileNameSuffix + 1); + } + else + { + throw new Exception($"Error attempting to upload certificate {alias} - {ne.Message}"); + } + } + + return file; + } + + public base_response DeleteFile(string alias) + { + try + { + Logger.LogDebug("Entering DeleteFile(string contents, string alias) Method..."); + Logger.LogTrace($"alias: {alias} storePath: {StorePath}"); + var f = new systemfile + { + filename = alias, + filelocation = StorePath + }; + Logger.LogDebug("Exiting DeleteFile() Method..."); + return DeleteFile(f); + } + catch (Exception e) + { + Logger.LogError( + $"Error Occurred in DeleteFile(string contents, string alias): {LogHandler.FlattenException(e)}"); + throw; + } + } + + private base_response DeleteFile(systemfile f) + { + try + { + Logger.LogDebug("Entering and Exiting DeleteFile() Method..."); + Logger.LogTrace($"Deleting certificate at {f.filelocation}/{f.filename}"); + return systemfile.delete(_nss, f); + } + catch (Exception e) + { + Logger.LogError($"Error Occurred in DeleteFile(): {LogHandler.FlattenException(e)}"); + throw; + } + } + + public bool AliasExists(string alias) + { + Logger.MethodEntry(LogLevel.Debug); + var filters = new filtervalue[1]; filters[0] = new filtervalue("certKey", alias); Logger.LogTrace($"Checking to see if existing certificate-key pair exists with name {alias}"); @@ -811,14 +730,17 @@ public bool IsDuplicateCertificate(string alias) if (count > 0) return true; + + Logger.MethodExit(LogLevel.Debug); return false; } private X509Certificate2 ReadX509Certificate(string certString) { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering ReadX509Certificate(string certString)"); // Determine if it's a cert byte[] b = null; X509Certificate2 x; @@ -842,10 +764,9 @@ private X509Certificate2 ReadX509Certificate(string certString) } // ReSharper disable once PossibleIntendedRethrow - throw e; + throw; } - Logger.LogDebug("Exiting ReadX509Certificate(string certString)"); return x; } catch (Exception e) @@ -854,36 +775,23 @@ private X509Certificate2 ReadX509Certificate(string certString) $"Error Occurred in ReadX509Certificate(string certString): {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } - private bool EvaluatePrivateKey(X509Certificate2 cert, string keyString) + private string StripTrailingSlash(string storePath) { - Logger.LogDebug("Entering EvaluatePrivateKey(X509Certificate2 cert, string keyString)"); - if (string.IsNullOrEmpty(keyString)) return false; - try - { - var keypair = (AsymmetricCipherKeyPair)new PemReader(new StringReader(keyString)).ReadObject(); - var privateKey = (RsaPrivateCrtKeyParameters)keypair.Private; - - var publicKey = (RsaKeyParameters)DotNetUtilities.FromX509Certificate(cert).GetPublicKey(); - Logger.LogDebug("Exiting EvaluatePrivateKey(X509Certificate2 cert, string keyString)"); - - return privateKey.Modulus.Equals(publicKey.Modulus) && - publicKey.Exponent.Equals(privateKey.PublicExponent); - } - catch (Exception e) - { - Logger.LogError("Unable to evaluate private key - " + e.Message); - Logger.LogError(LogHandler.FlattenException(e)); - return false; - } + return storePath.Substring(storePath.Length - 1, 1) == "/" ? storePath.Substring(0, storePath.Length - 1) : storePath; } public void SaveConfiguration() { + Logger.MethodEntry(LogLevel.Debug); + try { - Logger.LogDebug("Entering and Exiting SaveConfiguration Method..."); _ = _nss.save_config(); } catch (Exception e) @@ -891,6 +799,10 @@ public void SaveConfiguration() Logger.LogError($"Error in SaveConfiguration: {LogHandler.FlattenException(e)}"); throw; } + finally + { + Logger.MethodExit(LogLevel.Debug); + } } } diff --git a/CitrixAdcOrchestratorJobExtension/Inventory.cs b/CitrixAdcOrchestratorJobExtension/Inventory.cs index a8c2704..e328ac9 100644 --- a/CitrixAdcOrchestratorJobExtension/Inventory.cs +++ b/CitrixAdcOrchestratorJobExtension/Inventory.cs @@ -21,6 +21,8 @@ using Keyfactor.Logging; using Keyfactor.Orchestrators.Extensions.Interfaces; +using com.citrix.netscaler.nitro.resource.config.ssl; + namespace Keyfactor.Extensions.Orchestrator.CitricAdc { // ReSharper disable once InconsistentNaming @@ -76,52 +78,32 @@ private string ResolvePamField(string name, string value) private JobResult ProcessJob(CitrixAdcStore store, InventoryJobConfiguration jobConfiguration, SubmitInventoryUpdate submitInventoryUpdate) { - _logger.LogDebug("Begin New Bindings Fix Inventory..."); + _logger.LogDebug($"Begin {jobConfiguration.Capability} for job id {jobConfiguration.JobId}..."); + _logger.MethodEntry(LogLevel.Debug); List inventory = new List(); try { - _logger.LogDebug("Getting file list..."); - var files = store.ListFiles(); - - ///////Dictionary existing = jobConfiguration.LastInventory.ToDictionary(i => i.Alias, i => i.Thumbprints.First()); - // ReSharper disable once CollectionNeverQueried.Local - HashSet processedAliases = new HashSet(); - - //union the remote keys + last Inventory - List contentsToCheck = files?.Select(x => x.filename).ToList() ?? new List(); - - _logger.LogDebug("Getting KeyPair list..."); - var keyPairList = store.ListKeyPairs(); - _logger.LogDebug($"Found {keyPairList.Length} KeyPair results..."); + _logger.LogDebug("Getting certificate list..."); + sslcertkey[] certificates = store.GetCertificates(); + _logger.LogDebug($"Found {certificates.Length} certificate results..."); - //create a lookup by cert(alias) for certkey identifier - Dictionary keyPairMap = keyPairList.ToDictionary(i => i.cert, i => i.certkey); - - _logger.LogDebug("For each file get contents by alias..."); - foreach (string s in contentsToCheck) + _logger.LogDebug("For each certificate..."); + foreach (sslcertkey certificate in certificates) { - _logger.LogDebug($"Checking alias (filename): {s}"); - X509Certificate2 x = store.GetX509Certificate(s, out bool privateKeyEntry); + _logger.LogDebug($"Retrieving certificate file: {certificate.cert} for alias {certificate.certkey}"); + X509Certificate2 x = store.GetX509Certificate(certificate); if (x == null) continue; - processedAliases.Add(s); - Dictionary parameters = new Dictionary(); - var containsKeyWithPath = keyPairMap.ContainsKey(store.StorePath + "/" + s); - var containsKey = keyPairMap.ContainsKey(s); - - if (containsKey || containsKeyWithPath) + if (certificate.key != null) { - var keyPairName = containsKeyWithPath ? keyPairMap[store.StorePath + "/" + s] : keyPairMap[s]; - - _logger.LogDebug($"Found keyPairName: {keyPairName}"); - parameters.Add("keyPairName", keyPairName); + parameters.Add("keyPairName", certificate.certkey); - var binding = store.GetBinding(keyPairName); + var binding = store.GetBinding(certificate.certkey); var vserverBindings = binding?.sslcertkey_sslvserver_binding; if (vserverBindings != null) @@ -135,7 +117,7 @@ private JobResult ProcessJob(CitrixAdcStore store, InventoryJobConfiguration job foreach (string server in virtualServerName.Split(',')) { var bindings = store.GetBindingByVServer(server); - var first = bindings.FirstOrDefault(b => b.certkeyname == keyPairName); + var first = bindings.FirstOrDefault(b => b.certkeyname == certificate.certkey); if (first != null) bindingsCsv += first.snicert + ","; } parameters.Add("sniCert", bindingsCsv.TrimEnd(',')); @@ -150,18 +132,16 @@ private JobResult ProcessJob(CitrixAdcStore store, InventoryJobConfiguration job inventory.Add(new CurrentInventoryItem() { - Alias = s, + Alias = certificate.certkey, Certificates = new[] { Convert.ToBase64String(x.GetRawCertData()) }, - //ItemStatus = itemStatus, - PrivateKeyEntry = privateKeyEntry, + PrivateKeyEntry = certificate.key != null, UseChainLevel = false, Parameters = parameters }); } _logger.LogDebug($"Found {inventory.Count} certificates at {jobConfiguration.CertificateStoreDetails.StorePath}"); - - } + catch (Exception ex) { _logger.LogError("Error performing certificate Inventory: " + ex.Message); @@ -172,14 +152,17 @@ private JobResult ProcessJob(CitrixAdcStore store, InventoryJobConfiguration job { Result = Orchestrators.Common.Enums.OrchestratorJobStatusJobResult.Failure, JobHistoryId = jobConfiguration.JobHistoryId, - FailureMessage = "Error while performing certificate Inventory" + FailureMessage = "Error while performing certificate Inventory" + ex.Message }; } + finally + { + _logger.MethodExit(LogLevel.Debug); + } try { _logger.LogDebug("Sending results back to command"); - //Sends inventoried certificates back to KF Command submitInventoryUpdate.Invoke(inventory); _logger.LogDebug("Successfully Completed Job"); @@ -204,6 +187,10 @@ private JobResult ProcessJob(CitrixAdcStore store, InventoryJobConfiguration job FailureMessage = "Failure while submitting certificate Inventory" }; } + finally + { + _logger.MethodExit(LogLevel.Debug); + } } } } \ No newline at end of file diff --git a/CitrixAdcOrchestratorJobExtension/Keyfactor.Extensions.Orchestrator.CitricAdc.csproj b/CitrixAdcOrchestratorJobExtension/Keyfactor.Extensions.Orchestrator.CitricAdc.csproj index 20d0abd..cc4ea4f 100644 --- a/CitrixAdcOrchestratorJobExtension/Keyfactor.Extensions.Orchestrator.CitricAdc.csproj +++ b/CitrixAdcOrchestratorJobExtension/Keyfactor.Extensions.Orchestrator.CitricAdc.csproj @@ -1,25 +1,25 @@ - + - netcoreapp3.1 + true + net6.0;net8.0 + true + disable - - - - - - - - + + + Always + + Always - + @@ -30,7 +30,4 @@ nitro.dll - - - diff --git a/CitrixAdcOrchestratorJobExtension/Management.cs b/CitrixAdcOrchestratorJobExtension/Management.cs index 247bafb..88496c3 100644 --- a/CitrixAdcOrchestratorJobExtension/Management.cs +++ b/CitrixAdcOrchestratorJobExtension/Management.cs @@ -22,6 +22,8 @@ using System.IO; using static Org.BouncyCastle.Math.EC.ECCurve; using com.citrix.netscaler.nitro.resource.config.pq; +using System.Collections.Generic; +using com.citrix.netscaler.nitro.resource.config.ssl; namespace Keyfactor.Extensions.Orchestrator.CitricAdc { @@ -54,6 +56,8 @@ private string ResolvePamField(string name, string value) public JobResult ProcessJob(ManagementJobConfiguration jobConfiguration) { _logger = LogHandler.GetClassLogger(); + _logger.LogDebug($"Begin {jobConfiguration.Capability} for job id {jobConfiguration.JobId}..."); + _logger.MethodEntry(LogLevel.Debug); ServerPassword = ResolvePamField("ServerPassword", jobConfiguration.ServerPassword); ServerUserName = ResolvePamField("ServerUserName", jobConfiguration.ServerUsername); @@ -65,171 +69,70 @@ public JobResult ProcessJob(ManagementJobConfiguration jobConfiguration) _logger.LogDebug("Logging into Citrix..."); store.Login(); - _logger.LogDebug("Entering ProcessJob"); - var result = ProcessJob(store, jobConfiguration); - - if (ApplicationSettings.AutoSaveConfig && result.Result == OrchestratorJobStatusJobResult.Success) - { - _logger.LogDebug("Saving configuration..."); - store.SaveConfiguration(); - } - - _logger.LogDebug("Logging out of Citrix..."); - store.Logout(); - - _logger.LogDebug("Exiting ProcessJob"); - - return result; - } - - private void PerformAdd(CitrixAdcStore store, ManagementJobCertificate cert, string keyPairName, - string virtualServerName, bool overwrite, string sniCert, bool linkToIssuer) - { - _logger.LogTrace("Enter performAdd"); - var alias = cert.Alias; - AddBindCert(store, cert, keyPairName, virtualServerName, overwrite, alias, sniCert, linkToIssuer); - } - - private void AddBindCert(CitrixAdcStore store, ManagementJobCertificate cert, string keyPairName, - string virtualServerName, bool overwrite, string alias, string sniCert, bool linkToIssuer) - { - var (pemFile, privateKeyFile) = - store.UploadCertificate(cert.Contents, cert.PrivateKeyPassword, alias, overwrite); - - _logger.LogDebug("Updating keyPair"); - //update KeyPair - keyPairName = store.UpdateKeyPair(alias, keyPairName, pemFile, privateKeyFile); - - _logger.LogDebug("Updating cert bindings"); - //update cert bindings - if (virtualServerName != null) - store.UpdateBindings(keyPairName, virtualServerName, sniCert); - - if (linkToIssuer) - { - store.LinkToIssuer(cert.Contents, cert.PrivateKeyPassword, keyPairName); - } - } - - private void PerformDelete(CitrixAdcStore store, ManagementJobCertificate cert) - { - _logger.LogTrace("Enter PerformDelete"); - var sslKeyFile = store.GetKeyPairByName(cert.Alias); - - //1. Delete the Keypair - store.DeleteKeyPair(sslKeyFile); - - //2. Remove directory from file name, Delete the Key File - store.DeleteFile(Path.GetFileName(sslKeyFile.key)); - - //3. Remove directory from file name, Delete the Certificate File - store.DeleteFile(Path.GetFileName(sslKeyFile.cert)); - - _logger.LogTrace("Exit PerformDelete"); - } - - private JobResult ProcessJob(CitrixAdcStore store, ManagementJobConfiguration jobConfiguration) - { - _logger.LogDebug("Begin Management..."); - try { //Management jobs, unlike Discovery, Inventory, and ReEnrollment jobs can have 3 different purposes: switch (jobConfiguration.OperationType) { case CertStoreOperationType.Add: - var dup = store.IsDuplicateCertificate(jobConfiguration.JobCertificate.Alias); - if ((dup && jobConfiguration.Overwrite) || !dup || (jobConfiguration.JobProperties.ContainsKey("RenewalThumbprint"))) + List virtualServerNames = new List(); + List sniCerts = new List(); + + bool aliasExists = (store.AliasExists(jobConfiguration.JobCertificate.Alias)); + + if (aliasExists && !jobConfiguration.Overwrite) { - _logger.LogDebug("Begin Add..."); - var virtualServerName = (string)jobConfiguration.JobProperties["virtualServerName"]; - var sniCert = (string)jobConfiguration.JobProperties["sniCert"]; + throw new Exception($"Alias {jobConfiguration.JobCertificate.Alias} already exists in store {jobConfiguration.CertificateStoreDetails.StorePath} and overwrite is set to False. Please try again with overwrite set to True if you wish to replace this entry."); + } - dynamic properties = JsonConvert.DeserializeObject(jobConfiguration.CertificateStoreDetails.Properties.ToString()); - var linkToIssuer = properties.linkToIssuer == null || string.IsNullOrEmpty(properties.linkToIssuer.Value) ? false : Convert.ToBoolean(properties.linkToIssuer.Value); + _logger.LogDebug("Begin Add..."); + var virtualServerName = (string)jobConfiguration.JobProperties["virtualServerName"]; + var sniCert = (string)jobConfiguration.JobProperties["sniCert"]; - //Check if Keypair name exists, if so, we need to append something to it so we don't get downtime - var keyPairName = jobConfiguration.JobCertificate.Alias; + dynamic properties = JsonConvert.DeserializeObject(jobConfiguration.CertificateStoreDetails.Properties.ToString()); + var linkToIssuer = properties.linkToIssuer == null || string.IsNullOrEmpty(properties.linkToIssuer.Value) ? false : Convert.ToBoolean(properties.linkToIssuer.Value); - _logger.LogTrace($"keyPairName: {keyPairName} virtualServerName {virtualServerName}"); - if (jobConfiguration.JobProperties.ContainsKey("RenewalThumbprint")) - { - _thumbprint = jobConfiguration.JobProperties["RenewalThumbprint"].ToString(); - _logger.LogDebug($"It's a renewal with thumbprint {_thumbprint}"); - } + _logger.LogTrace($"alias: {jobConfiguration.JobCertificate.Alias} virtualServerName {virtualServerName}"); - //if there is no thumbprint from Keyfactor then it is an Add, else it is a renewal - if (string.IsNullOrEmpty(_thumbprint)) + if (!aliasExists) + { + if (!string.IsNullOrEmpty(virtualServerName)) { - _logger.LogDebug($"Begin Add/Enrollment... overwrite: {jobConfiguration.Overwrite}"); - PerformAdd(store, jobConfiguration.JobCertificate, keyPairName, virtualServerName, - jobConfiguration.Overwrite, sniCert, linkToIssuer); - _logger.LogDebug("End Add/Enrollment..."); + foreach (string vsName in virtualServerName.Split(",")) + virtualServerNames.Add(vsName); } - else - { - //PerformRenewal - //1. Get All Keys /config/sslcertkey store.ListKeyPairs() - var keyPairList = store.ListKeyPairs(); - - _logger.LogTrace($"KeyPairList: {JsonConvert.SerializeObject(keyPairList)}"); - //2. For Each check the binding /config/sslcertkey_binding store.GetBinding(strKey) - foreach (var kp in keyPairList) + if (!string.IsNullOrEmpty(sniCert)) + { + foreach(string sni in sniCert.Split(",")) { - //4. Open the file and check the thumbprint - var x = store.GetX509Certificate( - kp.cert.Substring(kp.cert.LastIndexOf("/", StringComparison.Ordinal) + 1), - out _); - - //5. If the Thumbprint matches the cert renewed from KF then PerformAdd With Overwrite - if (x?.Thumbprint == _thumbprint) + bool blnSni; + if (!Boolean.TryParse(sni.ToUpper(), out blnSni)) { - _logger.LogTrace($"Thumbprint Match: {_thumbprint}"); - var binding = store.GetBinding(kp.certkey); - _logger.LogTrace($"binding: {JsonConvert.SerializeObject(binding)}"); - if (binding != null) - { - if (binding?.sslcertkey_sslvserver_binding != null) - { - foreach (var sBinding in binding?.sslcertkey_sslvserver_binding) - { - _logger.LogTrace( - $"Starting PerformAdd Binding Name: {sBinding?.servername} kp.certkey: {kp?.certkey}"); - PerformAdd(store, jobConfiguration.JobCertificate, kp?.certkey, - sBinding?.servername, true, sniCert, linkToIssuer); - _logger.LogTrace( - $"Finished PerformAdd Binding Name: {sBinding?.servername} kp.certkey: {kp?.certkey}"); - } - } - else - { - _logger.LogTrace($"Renewing cert with no binding Information"); - PerformAdd(store, jobConfiguration.JobCertificate, kp?.certkey, null, true, null, linkToIssuer); - _logger.LogTrace($"Finished Renewing cert with no binding Information"); - } - } - else - { - _logger.LogTrace($"Renewing cert with no binding Information"); - PerformAdd(store, jobConfiguration.JobCertificate, kp?.certkey,null, true, null,linkToIssuer); - _logger.LogTrace($"Finished Renewing cert with no binding Information"); - } - + string errMessage = $"Invalid non boolean SNI value - {sni}"; + _logger.LogError(errMessage); + throw new Exception(errMessage); } + sniCerts.Add(blnSni); } } + + if (virtualServerNames.Count != sniCerts.Count) + { + string errMsg = $"Number of virtual server Names ({virtualServerNames.Count.ToString()}) does not match the number of SNI cert values ({sniCerts.Count.ToString()}"; + _logger.LogError(errMsg); + throw new Exception(errMsg); + } } - else + + PerformAdd(store, jobConfiguration.JobCertificate, virtualServerNames, + aliasExists, jobConfiguration.Overwrite, sniCerts, linkToIssuer); + + if (ApplicationSettings.AutoSaveConfig) { - return new JobResult - { - Result = OrchestratorJobStatusJobResult.Failure, - JobHistoryId = jobConfiguration.JobHistoryId, - FailureMessage = - $"You must use overwrite, a duplicate alias was found {jobConfiguration.JobCertificate.Alias}" - }; + _logger.LogDebug("Saving configuration..."); + store.SaveConfiguration(); } break; @@ -273,12 +176,60 @@ private JobResult ProcessJob(CitrixAdcStore store, ManagementJobConfiguration jo }; } - return new JobResult + JobResult result = new JobResult { Result = OrchestratorJobStatusJobResult.Success, - JobHistoryId = jobConfiguration.JobHistoryId, - FailureMessage = "" + JobHistoryId = jobConfiguration.JobHistoryId }; + + _logger.LogDebug("Logging out of Citrix..."); + store.Logout(); + + _logger.LogDebug("Exiting ProcessJob"); + + _logger.MethodExit(LogLevel.Debug); + return result; + } + + private void PerformAdd(CitrixAdcStore store, ManagementJobCertificate cert, + List virtualServerNames, bool aliasExists, bool overwrite, List sniCerts, bool linkToIssuer) + { + _logger.MethodEntry(LogLevel.Debug); + + _logger.LogDebug("Updating keyPair"); + + var (pemFile, privateKeyFile) = store.UploadCertificate(cert.Contents, cert.PrivateKeyPassword, cert.Alias, overwrite); + store.UpdateKeyPair(cert.Alias, pemFile.filename, privateKeyFile.filename); + + _logger.LogDebug("Updating cert bindings"); + //update cert bindings + if (virtualServerNames.Count > 0) + store.UpdateBindings(cert.Alias, virtualServerNames, sniCerts); + + if (linkToIssuer) + { + store.LinkToIssuer(cert.Contents, cert.PrivateKeyPassword, cert.Alias); + } + + _logger.MethodExit(LogLevel.Debug); + } + + private void PerformDelete(CitrixAdcStore store, ManagementJobCertificate cert) + { + _logger.MethodEntry(LogLevel.Debug); + + var sslKeyFile = store.GetKeyPairByName(cert.Alias); + + //1. Delete the Keypair + store.DeleteKeyPair(sslKeyFile); + + //2. Remove directory from file name, Delete the Key File + store.DeleteFile(Path.GetFileName(sslKeyFile.key)); + + //3. Remove directory from file name, Delete the Certificate File + store.DeleteFile(Path.GetFileName(sslKeyFile.cert)); + + _logger.MethodExit(LogLevel.Debug); } } } \ No newline at end of file diff --git a/CitrixAdcTestConsole/CitrixAdcTestConsole.csproj b/CitrixAdcTestConsole/CitrixAdcTestConsole.csproj index 1626618..448a5dc 100644 --- a/CitrixAdcTestConsole/CitrixAdcTestConsole.csproj +++ b/CitrixAdcTestConsole/CitrixAdcTestConsole.csproj @@ -2,13 +2,13 @@ Exe - netcoreapp3.1 + net6.0 - + diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/BouncyCastle.Crypto.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/BouncyCastle.Crypto.dll new file mode 100644 index 0000000..b5e6908 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/BouncyCastle.Crypto.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Castle.Core.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Castle.Core.dll new file mode 100644 index 0000000..527172e Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Castle.Core.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.deps.json b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.deps.json new file mode 100644 index 0000000..ee98596 --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.deps.json @@ -0,0 +1,2117 @@ +{ + "runtimeTarget": { + "name": ".NETCoreApp,Version=v6.0", + "signature": "" + }, + "compilationOptions": {}, + "targets": { + ".NETCoreApp,Version=v6.0": { + "CitrixAdcTestConsole/1.0.0": { + "dependencies": { + "Keyfactor.Extensions.Orchestrator.CitricAdc": "1.0.0", + "Microsoft.Extensions.Logging": "6.0.0", + "Moq.AutoMock": "3.4.0", + "RestSharp": "112.1.0" + }, + "runtime": { + "CitrixAdcTestConsole.dll": {} + } + }, + "Castle.Core/4.4.0": { + "dependencies": { + "NETStandard.Library": "1.6.1", + "System.Collections.Specialized": "4.3.0", + "System.ComponentModel": "4.3.0", + "System.ComponentModel.TypeConverter": "4.3.0", + "System.Diagnostics.TraceSource": "4.3.0", + "System.Dynamic.Runtime": "4.3.0", + "System.Reflection": "4.3.0", + "System.Reflection.Emit": "4.3.0", + "System.Reflection.TypeExtensions": "4.3.0", + "System.Xml.XmlDocument": "4.3.0" + }, + "runtime": { + "lib/netstandard1.5/Castle.Core.dll": { + "assemblyVersion": "4.0.0.0", + "fileVersion": "4.4.0.0" + } + } + }, + "Keyfactor.Common/2.3.6": { + "dependencies": { + "Keyfactor.Logging": "1.1.1", + "Microsoft.CSharp": "4.7.0", + "Microsoft.Extensions.Configuration": "5.0.0", + "Microsoft.Extensions.Configuration.Abstractions": "5.0.0", + "Microsoft.Extensions.Configuration.Binder": "5.0.0", + "Microsoft.Extensions.Configuration.Json": "5.0.0", + "Microsoft.Extensions.Logging.Abstractions": "6.0.0", + "Microsoft.Win32.Registry": "5.0.0", + "Newtonsoft.Json": "12.0.3", + "System.ComponentModel.Annotations": "5.0.0", + "System.DirectoryServices": "5.0.0", + "System.Runtime.Caching": "5.0.0", + "System.Security.Cryptography.ProtectedData": "5.0.0" + }, + "runtime": { + "lib/netcoreapp3.1/Keyfactor.Common.dll": { + "assemblyVersion": "2.3.6.0", + "fileVersion": "0.0.0.0" + } + } + }, + "Keyfactor.Logging/1.1.1": { + "dependencies": { + "Microsoft.Extensions.Logging.Abstractions": "6.0.0", + "System.DirectoryServices": "5.0.0" + }, + "runtime": { + "lib/netstandard2.0/Keyfactor.Logging.dll": { + "assemblyVersion": "1.1.1.0", + "fileVersion": "1.1.1.0" + } + } + }, + "Keyfactor.Orchestrators.Common/3.0.0": { + "runtime": { + "lib/netstandard2.0/Keyfactor.Orchestrators.Common.dll": { + "assemblyVersion": "3.0.0.0", + "fileVersion": "3.0.0.0" + } + } + }, + "Keyfactor.Orchestrators.IOrchestratorJobExtensions/0.7.0": { + "dependencies": { + "Keyfactor.Orchestrators.Common": "3.0.0", + "Newtonsoft.Json": "12.0.3" + }, + "runtime": { + "lib/netstandard2.0/Keyfactor.Orchestrators.IOrchestratorJobExtensions.dll": { + "assemblyVersion": "0.7.0.0", + "fileVersion": "0.7.0.0" + } + } + }, + "Microsoft.CSharp/4.7.0": {}, + "Microsoft.Extensions.Configuration/5.0.0": { + "dependencies": { + "Microsoft.Extensions.Configuration.Abstractions": "5.0.0", + "Microsoft.Extensions.Primitives": "6.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.Configuration.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.Configuration.Abstractions/5.0.0": { + "dependencies": { + "Microsoft.Extensions.Primitives": "6.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.Configuration.Abstractions.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.Configuration.Binder/5.0.0": { + "dependencies": { + "Microsoft.Extensions.Configuration.Abstractions": "5.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.Configuration.Binder.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.Configuration.FileExtensions/5.0.0": { + "dependencies": { + "Microsoft.Extensions.Configuration": "5.0.0", + "Microsoft.Extensions.Configuration.Abstractions": "5.0.0", + "Microsoft.Extensions.FileProviders.Abstractions": "5.0.0", + "Microsoft.Extensions.FileProviders.Physical": "5.0.0", + "Microsoft.Extensions.Primitives": "6.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.Configuration.FileExtensions.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.Configuration.Json/5.0.0": { + "dependencies": { + "Microsoft.Extensions.Configuration": "5.0.0", + "Microsoft.Extensions.Configuration.Abstractions": "5.0.0", + "Microsoft.Extensions.Configuration.FileExtensions": "5.0.0", + "Microsoft.Extensions.FileProviders.Abstractions": "5.0.0" + }, + "runtime": { + "lib/netstandard2.1/Microsoft.Extensions.Configuration.Json.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.DependencyInjection/6.0.0": { + "dependencies": { + "Microsoft.Extensions.DependencyInjection.Abstractions": "6.0.0", + "System.Runtime.CompilerServices.Unsafe": "6.0.0" + }, + "runtime": { + "lib/net6.0/Microsoft.Extensions.DependencyInjection.dll": { + "assemblyVersion": "6.0.0.0", + "fileVersion": "6.0.21.52210" + } + } + }, + "Microsoft.Extensions.DependencyInjection.Abstractions/6.0.0": { + "runtime": { + "lib/net6.0/Microsoft.Extensions.DependencyInjection.Abstractions.dll": { + "assemblyVersion": "6.0.0.0", + "fileVersion": "6.0.21.52210" + } + } + }, + "Microsoft.Extensions.FileProviders.Abstractions/5.0.0": { + "dependencies": { + "Microsoft.Extensions.Primitives": "6.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.FileProviders.Abstractions.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.FileProviders.Physical/5.0.0": { + "dependencies": { + "Microsoft.Extensions.FileProviders.Abstractions": "5.0.0", + "Microsoft.Extensions.FileSystemGlobbing": "5.0.0", + "Microsoft.Extensions.Primitives": "6.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.FileProviders.Physical.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.FileSystemGlobbing/5.0.0": { + "runtime": { + "lib/netstandard2.0/Microsoft.Extensions.FileSystemGlobbing.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Microsoft.Extensions.Logging/6.0.0": { + "dependencies": { + "Microsoft.Extensions.DependencyInjection": "6.0.0", + "Microsoft.Extensions.DependencyInjection.Abstractions": "6.0.0", + "Microsoft.Extensions.Logging.Abstractions": "6.0.0", + "Microsoft.Extensions.Options": "6.0.0", + "System.Diagnostics.DiagnosticSource": "6.0.0" + }, + "runtime": { + "lib/netstandard2.1/Microsoft.Extensions.Logging.dll": { + "assemblyVersion": "6.0.0.0", + "fileVersion": "6.0.21.52210" + } + } + }, + "Microsoft.Extensions.Logging.Abstractions/6.0.0": { + "runtime": { + "lib/net6.0/Microsoft.Extensions.Logging.Abstractions.dll": { + "assemblyVersion": "6.0.0.0", + "fileVersion": "6.0.21.52210" + } + } + }, + "Microsoft.Extensions.Options/6.0.0": { + "dependencies": { + "Microsoft.Extensions.DependencyInjection.Abstractions": "6.0.0", + "Microsoft.Extensions.Primitives": "6.0.0" + }, + "runtime": { + "lib/netstandard2.1/Microsoft.Extensions.Options.dll": { + "assemblyVersion": "6.0.0.0", + "fileVersion": "6.0.21.52210" + } + } + }, + "Microsoft.Extensions.Primitives/6.0.0": { + "dependencies": { + "System.Runtime.CompilerServices.Unsafe": "6.0.0" + }, + "runtime": { + "lib/net6.0/Microsoft.Extensions.Primitives.dll": { + "assemblyVersion": "6.0.0.0", + "fileVersion": "6.0.21.52210" + } + } + }, + "Microsoft.NETCore.Platforms/5.0.0": {}, + "Microsoft.NETCore.Targets/1.1.0": {}, + "Microsoft.Win32.Primitives/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "Microsoft.Win32.Registry/5.0.0": { + "dependencies": { + "System.Security.AccessControl": "5.0.0", + "System.Security.Principal.Windows": "5.0.0" + } + }, + "Microsoft.Win32.SystemEvents/5.0.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0" + }, + "runtime": { + "lib/netstandard2.0/Microsoft.Win32.SystemEvents.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + }, + "runtimeTargets": { + "runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll": { + "rid": "win", + "assetType": "runtime", + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "Moq/4.16.1": { + "dependencies": { + "Castle.Core": "4.4.0", + "System.Threading.Tasks.Extensions": "4.5.4" + }, + "runtime": { + "lib/netstandard2.1/Moq.dll": { + "assemblyVersion": "4.16.0.0", + "fileVersion": "4.16.1.0" + } + } + }, + "Moq.AutoMock/3.4.0": { + "dependencies": { + "Moq": "4.16.1" + }, + "runtime": { + "lib/netstandard2.0/Moq.AutoMock.dll": { + "assemblyVersion": "3.4.0.0", + "fileVersion": "3.4.0.0" + } + } + }, + "NETStandard.Library/1.6.1": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.Win32.Primitives": "4.3.0", + "System.AppContext": "4.3.0", + "System.Collections": "4.3.0", + "System.Collections.Concurrent": "4.3.0", + "System.Console": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Diagnostics.Tools": "4.3.0", + "System.Diagnostics.Tracing": "4.3.0", + "System.Globalization": "4.3.0", + "System.Globalization.Calendars": "4.3.0", + "System.IO": "4.3.0", + "System.IO.Compression": "4.3.0", + "System.IO.Compression.ZipFile": "4.3.0", + "System.IO.FileSystem": "4.3.0", + "System.IO.FileSystem.Primitives": "4.3.0", + "System.Linq": "4.3.0", + "System.Linq.Expressions": "4.3.0", + "System.Net.Http": "4.3.0", + "System.Net.Primitives": "4.3.0", + "System.Net.Sockets": "4.3.0", + "System.ObjectModel": "4.3.0", + "System.Reflection": "4.3.0", + "System.Reflection.Extensions": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Runtime.InteropServices.RuntimeInformation": "4.3.0", + "System.Runtime.Numerics": "4.3.0", + "System.Security.Cryptography.Algorithms": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Security.Cryptography.X509Certificates": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Text.Encoding.Extensions": "4.3.0", + "System.Text.RegularExpressions": "4.3.0", + "System.Threading": "4.3.0", + "System.Threading.Tasks": "4.3.0", + "System.Threading.Timer": "4.3.0", + "System.Xml.ReaderWriter": "4.3.0", + "System.Xml.XDocument": "4.3.0" + } + }, + "Newtonsoft.Json/12.0.3": { + "runtime": { + "lib/netstandard2.0/Newtonsoft.Json.dll": { + "assemblyVersion": "12.0.0.0", + "fileVersion": "12.0.3.23909" + } + } + }, + "Portable.BouncyCastle/1.8.10": { + "runtime": { + "lib/netstandard2.0/BouncyCastle.Crypto.dll": { + "assemblyVersion": "1.8.10.0", + "fileVersion": "1.8.10.1" + } + } + }, + "RestSharp/112.1.0": { + "runtime": { + "lib/net6.0/RestSharp.dll": { + "assemblyVersion": "112.1.0.0", + "fileVersion": "112.1.0.0" + } + } + }, + "runtime.debian.8-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.fedora.23-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.fedora.24-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.native.System/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0" + } + }, + "runtime.native.System.IO.Compression/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0" + } + }, + "runtime.native.System.Net.Http/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0" + } + }, + "runtime.native.System.Security.Cryptography.Apple/4.3.0": { + "dependencies": { + "runtime.osx.10.10-x64.runtime.native.System.Security.Cryptography.Apple": "4.3.0" + } + }, + "runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "dependencies": { + "runtime.debian.8-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.fedora.23-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.fedora.24-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.opensuse.13.2-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.opensuse.42.1-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.osx.10.10-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.rhel.7-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.ubuntu.14.04-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.ubuntu.16.04-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0", + "runtime.ubuntu.16.10-x64.runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0" + } + }, + "runtime.opensuse.13.2-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.opensuse.42.1-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.osx.10.10-x64.runtime.native.System.Security.Cryptography.Apple/4.3.0": {}, + "runtime.osx.10.10-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.rhel.7-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.ubuntu.14.04-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.ubuntu.16.04-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "runtime.ubuntu.16.10-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": {}, + "System.AppContext/4.3.0": { + "dependencies": { + "System.Runtime": "4.3.0" + } + }, + "System.Buffers/4.3.0": { + "dependencies": { + "System.Diagnostics.Debug": "4.3.0", + "System.Diagnostics.Tracing": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Collections/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Collections.Concurrent/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Diagnostics.Tracing": "4.3.0", + "System.Globalization": "4.3.0", + "System.Reflection": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0", + "System.Threading.Tasks": "4.3.0" + } + }, + "System.Collections.NonGeneric/4.3.0": { + "dependencies": { + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Collections.Specialized/4.3.0": { + "dependencies": { + "System.Collections.NonGeneric": "4.3.0", + "System.Globalization": "4.3.0", + "System.Globalization.Extensions": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.ComponentModel/4.3.0": { + "dependencies": { + "System.Runtime": "4.3.0" + } + }, + "System.ComponentModel.Annotations/5.0.0": {}, + "System.ComponentModel.Primitives/4.3.0": { + "dependencies": { + "System.ComponentModel": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.ComponentModel.TypeConverter/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Collections.NonGeneric": "4.3.0", + "System.Collections.Specialized": "4.3.0", + "System.ComponentModel": "4.3.0", + "System.ComponentModel.Primitives": "4.3.0", + "System.Globalization": "4.3.0", + "System.Linq": "4.3.0", + "System.Reflection": "4.3.0", + "System.Reflection.Extensions": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Reflection.TypeExtensions": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Configuration.ConfigurationManager/5.0.0": { + "dependencies": { + "System.Security.Cryptography.ProtectedData": "5.0.0", + "System.Security.Permissions": "5.0.0" + }, + "runtime": { + "lib/netstandard2.0/System.Configuration.ConfigurationManager.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Console/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.IO": "4.3.0", + "System.Runtime": "4.3.0", + "System.Text.Encoding": "4.3.0" + } + }, + "System.Diagnostics.Debug/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Diagnostics.DiagnosticSource/6.0.0": { + "dependencies": { + "System.Runtime.CompilerServices.Unsafe": "6.0.0" + } + }, + "System.Diagnostics.Tools/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Diagnostics.TraceSource/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0", + "runtime.native.System": "4.3.0" + } + }, + "System.Diagnostics.Tracing/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.DirectoryServices/5.0.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.IO.FileSystem.AccessControl": "5.0.0", + "System.Security.AccessControl": "5.0.0", + "System.Security.Permissions": "5.0.0", + "System.Security.Principal.Windows": "5.0.0" + }, + "runtime": { + "lib/netstandard2.0/System.DirectoryServices.dll": { + "assemblyVersion": "4.0.0.0", + "fileVersion": "5.0.20.51904" + } + }, + "runtimeTargets": { + "runtimes/win/lib/netcoreapp2.0/System.DirectoryServices.dll": { + "rid": "win", + "assetType": "runtime", + "assemblyVersion": "4.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Drawing.Common/5.0.0": { + "dependencies": { + "Microsoft.Win32.SystemEvents": "5.0.0" + }, + "runtime": { + "lib/netcoreapp3.0/System.Drawing.Common.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + }, + "runtimeTargets": { + "runtimes/unix/lib/netcoreapp3.0/System.Drawing.Common.dll": { + "rid": "unix", + "assetType": "runtime", + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + }, + "runtimes/win/lib/netcoreapp3.0/System.Drawing.Common.dll": { + "rid": "win", + "assetType": "runtime", + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Dynamic.Runtime/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Linq": "4.3.0", + "System.Linq.Expressions": "4.3.0", + "System.ObjectModel": "4.3.0", + "System.Reflection": "4.3.0", + "System.Reflection.Emit": "4.3.0", + "System.Reflection.Emit.ILGeneration": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Reflection.TypeExtensions": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Globalization/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Globalization.Calendars/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Globalization": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Globalization.Extensions/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Globalization": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.InteropServices": "4.3.0" + } + }, + "System.IO/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading.Tasks": "4.3.0" + } + }, + "System.IO.Compression/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Buffers": "4.3.0", + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.IO": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading": "4.3.0", + "System.Threading.Tasks": "4.3.0", + "runtime.native.System": "4.3.0", + "runtime.native.System.IO.Compression": "4.3.0" + } + }, + "System.IO.Compression.ZipFile/4.3.0": { + "dependencies": { + "System.Buffers": "4.3.0", + "System.IO": "4.3.0", + "System.IO.Compression": "4.3.0", + "System.IO.FileSystem": "4.3.0", + "System.IO.FileSystem.Primitives": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Text.Encoding": "4.3.0" + } + }, + "System.IO.FileSystem/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.IO": "4.3.0", + "System.IO.FileSystem.Primitives": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading.Tasks": "4.3.0" + } + }, + "System.IO.FileSystem.AccessControl/5.0.0": { + "dependencies": { + "System.Security.AccessControl": "5.0.0", + "System.Security.Principal.Windows": "5.0.0" + } + }, + "System.IO.FileSystem.Primitives/4.3.0": { + "dependencies": { + "System.Runtime": "4.3.0" + } + }, + "System.Linq/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0" + } + }, + "System.Linq.Expressions/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.IO": "4.3.0", + "System.Linq": "4.3.0", + "System.ObjectModel": "4.3.0", + "System.Reflection": "4.3.0", + "System.Reflection.Emit": "4.3.0", + "System.Reflection.Emit.ILGeneration": "4.3.0", + "System.Reflection.Emit.Lightweight": "4.3.0", + "System.Reflection.Extensions": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Reflection.TypeExtensions": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Net.Http/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Diagnostics.DiagnosticSource": "6.0.0", + "System.Diagnostics.Tracing": "4.3.0", + "System.Globalization": "4.3.0", + "System.Globalization.Extensions": "4.3.0", + "System.IO": "4.3.0", + "System.IO.FileSystem": "4.3.0", + "System.Net.Primitives": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Security.Cryptography.Algorithms": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.OpenSsl": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Security.Cryptography.X509Certificates": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading": "4.3.0", + "System.Threading.Tasks": "4.3.0", + "runtime.native.System": "4.3.0", + "runtime.native.System.Net.Http": "4.3.0", + "runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0" + } + }, + "System.Net.Primitives/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0", + "System.Runtime.Handles": "4.3.0" + } + }, + "System.Net.Sockets/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.IO": "4.3.0", + "System.Net.Primitives": "4.3.0", + "System.Runtime": "4.3.0", + "System.Threading.Tasks": "4.3.0" + } + }, + "System.ObjectModel/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Reflection/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.IO": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Reflection.Emit/4.3.0": { + "dependencies": { + "System.IO": "4.3.0", + "System.Reflection": "4.3.0", + "System.Reflection.Emit.ILGeneration": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Reflection.Emit.ILGeneration/4.3.0": { + "dependencies": { + "System.Reflection": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Reflection.Emit.Lightweight/4.3.0": { + "dependencies": { + "System.Reflection": "4.3.0", + "System.Reflection.Emit.ILGeneration": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Reflection.Extensions/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Reflection": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Reflection.Primitives/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Reflection.TypeExtensions/4.3.0": { + "dependencies": { + "System.Reflection": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Resources.ResourceManager/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Globalization": "4.3.0", + "System.Reflection": "4.3.0", + "System.Runtime": "4.3.0" + } + }, + "System.Runtime/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0" + } + }, + "System.Runtime.Caching/5.0.0": { + "dependencies": { + "System.Configuration.ConfigurationManager": "5.0.0" + }, + "runtime": { + "lib/netstandard2.0/System.Runtime.Caching.dll": { + "assemblyVersion": "4.0.0.0", + "fileVersion": "5.0.20.51904" + } + }, + "runtimeTargets": { + "runtimes/win/lib/netstandard2.0/System.Runtime.Caching.dll": { + "rid": "win", + "assetType": "runtime", + "assemblyVersion": "4.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Runtime.CompilerServices.Unsafe/6.0.0": {}, + "System.Runtime.Extensions/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Runtime.Handles/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Runtime.InteropServices/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Reflection": "4.3.0", + "System.Reflection.Primitives": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Handles": "4.3.0" + } + }, + "System.Runtime.InteropServices.RuntimeInformation/4.3.0": { + "dependencies": { + "System.Reflection": "4.3.0", + "System.Reflection.Extensions": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Threading": "4.3.0", + "runtime.native.System": "4.3.0" + } + }, + "System.Runtime.Numerics/4.3.0": { + "dependencies": { + "System.Globalization": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0" + } + }, + "System.Security.AccessControl/5.0.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Security.Principal.Windows": "5.0.0" + } + }, + "System.Security.Cryptography.Algorithms/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Collections": "4.3.0", + "System.IO": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Runtime.Numerics": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Text.Encoding": "4.3.0", + "runtime.native.System.Security.Cryptography.Apple": "4.3.0", + "runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0" + } + }, + "System.Security.Cryptography.Cng/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.IO": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Security.Cryptography.Algorithms": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Text.Encoding": "4.3.0" + } + }, + "System.Security.Cryptography.Csp/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.IO": "4.3.0", + "System.Reflection": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Security.Cryptography.Algorithms": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading": "4.3.0" + } + }, + "System.Security.Cryptography.Encoding/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Collections": "4.3.0", + "System.Collections.Concurrent": "4.3.0", + "System.Linq": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Text.Encoding": "4.3.0", + "runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0" + } + }, + "System.Security.Cryptography.OpenSsl/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.IO": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Runtime.Numerics": "4.3.0", + "System.Security.Cryptography.Algorithms": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Text.Encoding": "4.3.0", + "runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0" + } + }, + "System.Security.Cryptography.Primitives/4.3.0": { + "dependencies": { + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.IO": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Threading": "4.3.0", + "System.Threading.Tasks": "4.3.0" + } + }, + "System.Security.Cryptography.ProtectedData/5.0.0": { + "runtime": { + "lib/netstandard2.0/System.Security.Cryptography.ProtectedData.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + }, + "runtimeTargets": { + "runtimes/win/lib/netstandard2.0/System.Security.Cryptography.ProtectedData.dll": { + "rid": "win", + "assetType": "runtime", + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Security.Cryptography.X509Certificates/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.Globalization.Calendars": "4.3.0", + "System.IO": "4.3.0", + "System.IO.FileSystem": "4.3.0", + "System.IO.FileSystem.Primitives": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.Handles": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Runtime.Numerics": "4.3.0", + "System.Security.Cryptography.Algorithms": "4.3.0", + "System.Security.Cryptography.Cng": "4.3.0", + "System.Security.Cryptography.Csp": "4.3.0", + "System.Security.Cryptography.Encoding": "4.3.0", + "System.Security.Cryptography.OpenSsl": "4.3.0", + "System.Security.Cryptography.Primitives": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading": "4.3.0", + "runtime.native.System": "4.3.0", + "runtime.native.System.Net.Http": "4.3.0", + "runtime.native.System.Security.Cryptography.OpenSsl": "4.3.0" + } + }, + "System.Security.Permissions/5.0.0": { + "dependencies": { + "System.Security.AccessControl": "5.0.0", + "System.Windows.Extensions": "5.0.0" + }, + "runtime": { + "lib/net5.0/System.Security.Permissions.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Security.Principal.Windows/5.0.0": {}, + "System.Text.Encoding/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Text.Encoding.Extensions/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0", + "System.Text.Encoding": "4.3.0" + } + }, + "System.Text.Encodings.Web/6.0.0": { + "dependencies": { + "System.Runtime.CompilerServices.Unsafe": "6.0.0" + } + }, + "System.Text.RegularExpressions/4.3.0": { + "dependencies": { + "System.Runtime": "4.3.0" + } + }, + "System.Threading/4.3.0": { + "dependencies": { + "System.Runtime": "4.3.0", + "System.Threading.Tasks": "4.3.0" + } + }, + "System.Threading.Tasks/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Threading.Tasks.Extensions/4.5.4": {}, + "System.Threading.Timer/4.3.0": { + "dependencies": { + "Microsoft.NETCore.Platforms": "5.0.0", + "Microsoft.NETCore.Targets": "1.1.0", + "System.Runtime": "4.3.0" + } + }, + "System.Windows.Extensions/5.0.0": { + "dependencies": { + "System.Drawing.Common": "5.0.0" + }, + "runtime": { + "lib/netcoreapp3.0/System.Windows.Extensions.dll": { + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + }, + "runtimeTargets": { + "runtimes/win/lib/netcoreapp3.0/System.Windows.Extensions.dll": { + "rid": "win", + "assetType": "runtime", + "assemblyVersion": "5.0.0.0", + "fileVersion": "5.0.20.51904" + } + } + }, + "System.Xml.ReaderWriter/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.IO": "4.3.0", + "System.IO.FileSystem": "4.3.0", + "System.IO.FileSystem.Primitives": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Runtime.InteropServices": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Text.Encoding.Extensions": "4.3.0", + "System.Text.RegularExpressions": "4.3.0", + "System.Threading.Tasks": "4.3.0", + "System.Threading.Tasks.Extensions": "4.5.4" + } + }, + "System.Xml.XDocument/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Diagnostics.Tools": "4.3.0", + "System.Globalization": "4.3.0", + "System.IO": "4.3.0", + "System.Reflection": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading": "4.3.0", + "System.Xml.ReaderWriter": "4.3.0" + } + }, + "System.Xml.XmlDocument/4.3.0": { + "dependencies": { + "System.Collections": "4.3.0", + "System.Diagnostics.Debug": "4.3.0", + "System.Globalization": "4.3.0", + "System.IO": "4.3.0", + "System.Resources.ResourceManager": "4.3.0", + "System.Runtime": "4.3.0", + "System.Runtime.Extensions": "4.3.0", + "System.Text.Encoding": "4.3.0", + "System.Threading": "4.3.0", + "System.Xml.ReaderWriter": "4.3.0" + } + }, + "Keyfactor.Extensions.Orchestrator.CitricAdc/1.0.0": { + "dependencies": { + "Keyfactor.Common": "2.3.6", + "Keyfactor.Logging": "1.1.1", + "Keyfactor.Orchestrators.IOrchestratorJobExtensions": "0.7.0", + "Portable.BouncyCastle": "1.8.10", + "System.Text.Encodings.Web": "6.0.0" + }, + "runtime": { + "Keyfactor.Extensions.Orchestrator.CitricAdc.dll": { + "assemblyVersion": "1.0.0", + "fileVersion": "1.0.0.0" + } + } + }, + "nitro/0.0.0.0": { + "runtime": { + "nitro.dll": { + "assemblyVersion": "0.0.0.0", + "fileVersion": "13.0.90.7" + } + } + } + } + }, + "libraries": { + "CitrixAdcTestConsole/1.0.0": { + "type": "project", + "serviceable": false, + "sha512": "" + }, + "Castle.Core/4.4.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-b5rRL5zeaau1y/5hIbI+6mGw3cwun16YjkHZnV9RRT5UyUIFsgLmNXJ0YnIN9p8Hw7K7AbG1q1UclQVU3DinAQ==", + "path": "castle.core/4.4.0", + "hashPath": "castle.core.4.4.0.nupkg.sha512" + }, + "Keyfactor.Common/2.3.6": { + "type": "package", + "serviceable": true, + "sha512": "sha512-qV/8mikbOrf+N9GsomuvawKcjZ36A+8TQwR9A+aWkGLd5+5Sh8e9rcxTPD4qMXmKQSgDAue9Xyofkkb6mRbwog==", + "path": "keyfactor.common/2.3.6", + "hashPath": "keyfactor.common.2.3.6.nupkg.sha512" + }, + "Keyfactor.Logging/1.1.1": { + "type": "package", + "serviceable": true, + "sha512": "sha512-vxg8WeDfmunpYosGHXwtSOqWg1TFmNETIWCGHo5/RCFvPTbqJ0zqXKU9pg5tg85Fb4JB2fJ99mWsm5tG44wkfQ==", + "path": "keyfactor.logging/1.1.1", + "hashPath": "keyfactor.logging.1.1.1.nupkg.sha512" + }, + "Keyfactor.Orchestrators.Common/3.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-/gGqjMnPy9WVvhinFSqR/1LAD+V6Ne6LaKh1RqIY5yt9A3akEqAvtmdd0Wp2ke7k6NFi6NQc6s076TTUYjEMyg==", + "path": "keyfactor.orchestrators.common/3.0.0", + "hashPath": "keyfactor.orchestrators.common.3.0.0.nupkg.sha512" + }, + "Keyfactor.Orchestrators.IOrchestratorJobExtensions/0.7.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-aPqE0fvS2IoHg7mE+EtnK4Cnx61uRM0yuWSuolYHJfvmbLZqRnMl485mQzHrEdWxzoNgmSEeCklOs+LhTxv8LA==", + "path": "keyfactor.orchestrators.iorchestratorjobextensions/0.7.0", + "hashPath": "keyfactor.orchestrators.iorchestratorjobextensions.0.7.0.nupkg.sha512" + }, + "Microsoft.CSharp/4.7.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-pTj+D3uJWyN3My70i2Hqo+OXixq3Os2D1nJ2x92FFo6sk8fYS1m1WLNTs0Dc1uPaViH0YvEEwvzddQ7y4rhXmA==", + "path": "microsoft.csharp/4.7.0", + "hashPath": "microsoft.csharp.4.7.0.nupkg.sha512" + }, + "Microsoft.Extensions.Configuration/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-LN322qEKHjuVEhhXueTUe7RNePooZmS8aGid5aK2woX3NPjSnONFyKUc6+JknOS6ce6h2tCLfKPTBXE3mN/6Ag==", + "path": "microsoft.extensions.configuration/5.0.0", + "hashPath": "microsoft.extensions.configuration.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Configuration.Abstractions/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ETjSBHMp3OAZ4HxGQYpwyGsD8Sw5FegQXphi0rpoGMT74S4+I2mm7XJEswwn59XAaKOzC15oDSOWEE8SzDCd6Q==", + "path": "microsoft.extensions.configuration.abstractions/5.0.0", + "hashPath": "microsoft.extensions.configuration.abstractions.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Configuration.Binder/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-Of1Irt1+NzWO+yEYkuDh5TpT4On7LKl98Q9iLqCdOZps6XXEWDj3AKtmyvzJPVXZe4apmkJJIiDL7rR1yC+hjQ==", + "path": "microsoft.extensions.configuration.binder/5.0.0", + "hashPath": "microsoft.extensions.configuration.binder.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Configuration.FileExtensions/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-rRdspYKA18ViPOISwAihhCMbusHsARCOtDMwa23f+BGEdIjpKPlhs3LLjmKlxfhpGXBjIsS0JpXcChjRUN+PAw==", + "path": "microsoft.extensions.configuration.fileextensions/5.0.0", + "hashPath": "microsoft.extensions.configuration.fileextensions.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Configuration.Json/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-Pak8ymSUfdzPfBTLHxeOwcR32YDbuVfhnH2hkfOLnJNQd19ItlBdpMjIDY9C5O/nS2Sn9bzDMai0ZrvF7KyY/Q==", + "path": "microsoft.extensions.configuration.json/5.0.0", + "hashPath": "microsoft.extensions.configuration.json.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.DependencyInjection/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-k6PWQMuoBDGGHOQTtyois2u4AwyVcIwL2LaSLlTZQm2CYcJ1pxbt6jfAnpWmzENA/wfrYRI/X9DTLoUkE4AsLw==", + "path": "microsoft.extensions.dependencyinjection/6.0.0", + "hashPath": "microsoft.extensions.dependencyinjection.6.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.DependencyInjection.Abstractions/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-xlzi2IYREJH3/m6+lUrQlujzX8wDitm4QGnUu6kUXTQAWPuZY8i+ticFJbzfqaetLA6KR/rO6Ew/HuYD+bxifg==", + "path": "microsoft.extensions.dependencyinjection.abstractions/6.0.0", + "hashPath": "microsoft.extensions.dependencyinjection.abstractions.6.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.FileProviders.Abstractions/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-iuZIiZ3mteEb+nsUqpGXKx2cGF+cv6gWPd5jqQI4hzqdiJ6I94ddLjKhQOuRW1lueHwocIw30xbSHGhQj0zjdQ==", + "path": "microsoft.extensions.fileproviders.abstractions/5.0.0", + "hashPath": "microsoft.extensions.fileproviders.abstractions.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.FileProviders.Physical/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-1rkd8UO2qf21biwO7X0hL9uHP7vtfmdv/NLvKgCRHkdz1XnW8zVQJXyEYiN68WYpExgtVWn55QF0qBzgfh1mGg==", + "path": "microsoft.extensions.fileproviders.physical/5.0.0", + "hashPath": "microsoft.extensions.fileproviders.physical.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.FileSystemGlobbing/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ArliS8lGk8sWRtrWpqI8yUVYJpRruPjCDT+EIjrgkA/AAPRctlAkRISVZ334chAKktTLzD1+PK8F5IZpGedSqA==", + "path": "microsoft.extensions.filesystemglobbing/5.0.0", + "hashPath": "microsoft.extensions.filesystemglobbing.5.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Logging/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-eIbyj40QDg1NDz0HBW0S5f3wrLVnKWnDJ/JtZ+yJDFnDj90VoPuoPmFkeaXrtu+0cKm5GRAwoDf+dBWXK0TUdg==", + "path": "microsoft.extensions.logging/6.0.0", + "hashPath": "microsoft.extensions.logging.6.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Logging.Abstractions/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-/HggWBbTwy8TgebGSX5DBZ24ndhzi93sHUBDvP1IxbZD7FDokYzdAr6+vbWGjw2XAfR2EJ1sfKUotpjHnFWPxA==", + "path": "microsoft.extensions.logging.abstractions/6.0.0", + "hashPath": "microsoft.extensions.logging.abstractions.6.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Options/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-dzXN0+V1AyjOe2xcJ86Qbo233KHuLEY0njf/P2Kw8SfJU+d45HNS2ctJdnEnrWbM9Ye2eFgaC5Mj9otRMU6IsQ==", + "path": "microsoft.extensions.options/6.0.0", + "hashPath": "microsoft.extensions.options.6.0.0.nupkg.sha512" + }, + "Microsoft.Extensions.Primitives/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-9+PnzmQFfEFNR9J2aDTfJGGupShHjOuGw4VUv+JB044biSHrnmCIMD+mJHmb2H7YryrfBEXDurxQ47gJZdCKNQ==", + "path": "microsoft.extensions.primitives/6.0.0", + "hashPath": "microsoft.extensions.primitives.6.0.0.nupkg.sha512" + }, + "Microsoft.NETCore.Platforms/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-VyPlqzH2wavqquTcYpkIIAQ6WdenuKoFN0BdYBbCWsclXacSOHNQn66Gt4z5NBqEYW0FAPm5rlvki9ZiCij5xQ==", + "path": "microsoft.netcore.platforms/5.0.0", + "hashPath": "microsoft.netcore.platforms.5.0.0.nupkg.sha512" + }, + "Microsoft.NETCore.Targets/1.1.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-aOZA3BWfz9RXjpzt0sRJJMjAscAUm3Hoa4UWAfceV9UTYxgwZ1lZt5nO2myFf+/jetYQo4uTP7zS8sJY67BBxg==", + "path": "microsoft.netcore.targets/1.1.0", + "hashPath": "microsoft.netcore.targets.1.1.0.nupkg.sha512" + }, + "Microsoft.Win32.Primitives/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-9ZQKCWxH7Ijp9BfahvL2Zyf1cJIk8XYLF6Yjzr2yi0b2cOut/HQ31qf1ThHAgCc3WiZMdnWcfJCgN82/0UunxA==", + "path": "microsoft.win32.primitives/4.3.0", + "hashPath": "microsoft.win32.primitives.4.3.0.nupkg.sha512" + }, + "Microsoft.Win32.Registry/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-dDoKi0PnDz31yAyETfRntsLArTlVAVzUzCIvvEDsDsucrl33Dl8pIJG06ePTJTI3tGpeyHS9Cq7Foc/s4EeKcg==", + "path": "microsoft.win32.registry/5.0.0", + "hashPath": "microsoft.win32.registry.5.0.0.nupkg.sha512" + }, + "Microsoft.Win32.SystemEvents/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-Bh6blKG8VAKvXiLe2L+sEsn62nc1Ij34MrNxepD2OCrS5cpCwQa9MeLyhVQPQ/R4Wlzwuy6wMK8hLb11QPDRsQ==", + "path": "microsoft.win32.systemevents/5.0.0", + "hashPath": "microsoft.win32.systemevents.5.0.0.nupkg.sha512" + }, + "Moq/4.16.1": { + "type": "package", + "serviceable": true, + "sha512": "sha512-bw3R9q8cVNhWXNpnvWb0OGP4HadS4zvClq+T1zf7AF+tLY1haZ2AvbHidQekf4PDv1T40c6brZeT/V0IBq7cEQ==", + "path": "moq/4.16.1", + "hashPath": "moq.4.16.1.nupkg.sha512" + }, + "Moq.AutoMock/3.4.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-9ihncbDf46fh9sPCAitxC6Ix6wDfaPxeeqTocddObcXLiUoXOGfj++NOYwEECum5JZTmg6pskE3MbpUc9YgVOw==", + "path": "moq.automock/3.4.0", + "hashPath": "moq.automock.3.4.0.nupkg.sha512" + }, + "NETStandard.Library/1.6.1": { + "type": "package", + "serviceable": true, + "sha512": "sha512-WcSp3+vP+yHNgS8EV5J7pZ9IRpeDuARBPN28by8zqff1wJQXm26PVU8L3/fYLBJVU7BtDyqNVWq2KlCVvSSR4A==", + "path": "netstandard.library/1.6.1", + "hashPath": "netstandard.library.1.6.1.nupkg.sha512" + }, + "Newtonsoft.Json/12.0.3": { + "type": "package", + "serviceable": true, + "sha512": "sha512-6mgjfnRB4jKMlzHSl+VD+oUc1IebOZabkbyWj2RiTgWwYPPuaK1H97G1sHqGwPlS5npiF5Q0OrxN1wni2n5QWg==", + "path": "newtonsoft.json/12.0.3", + "hashPath": "newtonsoft.json.12.0.3.nupkg.sha512" + }, + "Portable.BouncyCastle/1.8.10": { + "type": "package", + "serviceable": true, + "sha512": "sha512-XLhjNAwuVB9ynwn11l5K44eyozh8q6gFseTrlnLNttejimglX7+F9+vxh60LPjvA/DAt6fUdS43N3ah8K6eaWg==", + "path": "portable.bouncycastle/1.8.10", + "hashPath": "portable.bouncycastle.1.8.10.nupkg.sha512" + }, + "RestSharp/112.1.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-bOUGNZqhhv/QeCXHTKEUil846yBjwWXpzPKjO67kFvaAOoF361z7jLY5BMnuZ6WD2WQRA750sNMcK7MSPCQ5Mg==", + "path": "restsharp/112.1.0", + "hashPath": "restsharp.112.1.0.nupkg.sha512" + }, + "runtime.debian.8-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-HdSSp5MnJSsg08KMfZThpuLPJpPwE5hBXvHwoKWosyHHfe8Mh5WKT0ylEOf6yNzX6Ngjxe4Whkafh5q7Ymac4Q==", + "path": "runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.fedora.23-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-+yH1a49wJMy8Zt4yx5RhJrxO/DBDByAiCzNwiETI+1S4mPdCu0OY4djdciC7Vssk0l22wQaDLrXxXkp+3+7bVA==", + "path": "runtime.fedora.23-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.fedora.23-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.fedora.24-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-c3YNH1GQJbfIPJeCnr4avseugSqPrxwIqzthYyZDN6EuOyNOzq+y2KSUfRcXauya1sF4foESTgwM5e1A8arAKw==", + "path": "runtime.fedora.24-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.fedora.24-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.native.System/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-c/qWt2LieNZIj1jGnVNsE2Kl23Ya2aSTBuXMD6V7k9KWr6l16Tqdwq+hJScEpWER9753NWC8h96PaVNY5Ld7Jw==", + "path": "runtime.native.system/4.3.0", + "hashPath": "runtime.native.system.4.3.0.nupkg.sha512" + }, + "runtime.native.System.IO.Compression/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-INBPonS5QPEgn7naufQFXJEp3zX6L4bwHgJ/ZH78aBTpeNfQMtf7C6VrAFhlq2xxWBveIOWyFzQjJ8XzHMhdOQ==", + "path": "runtime.native.system.io.compression/4.3.0", + "hashPath": "runtime.native.system.io.compression.4.3.0.nupkg.sha512" + }, + "runtime.native.System.Net.Http/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ZVuZJqnnegJhd2k/PtAbbIcZ3aZeITq3sj06oKfMBSfphW3HDmk/t4ObvbOk/JA/swGR0LNqMksAh/f7gpTROg==", + "path": "runtime.native.system.net.http/4.3.0", + "hashPath": "runtime.native.system.net.http.4.3.0.nupkg.sha512" + }, + "runtime.native.System.Security.Cryptography.Apple/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-DloMk88juo0OuOWr56QG7MNchmafTLYWvABy36izkrLI5VledI0rq28KGs1i9wbpeT9NPQrx/wTf8U2vazqQ3Q==", + "path": "runtime.native.system.security.cryptography.apple/4.3.0", + "hashPath": "runtime.native.system.security.cryptography.apple.4.3.0.nupkg.sha512" + }, + "runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-NS1U+700m4KFRHR5o4vo9DSlTmlCKu/u7dtE5sUHVIPB+xpXxYQvgBgA6wEIeCz6Yfn0Z52/72WYsToCEPJnrw==", + "path": "runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.opensuse.13.2-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-b3pthNgxxFcD+Pc0WSEoC0+md3MyhRS6aCEeenvNE3Fdw1HyJ18ZhRFVJJzIeR/O/jpxPboB805Ho0T3Ul7w8A==", + "path": "runtime.opensuse.13.2-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.opensuse.13.2-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.opensuse.42.1-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-KeLz4HClKf+nFS7p/6Fi/CqyLXh81FpiGzcmuS8DGi9lUqSnZ6Es23/gv2O+1XVGfrbNmviF7CckBpavkBoIFQ==", + "path": "runtime.opensuse.42.1-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.opensuse.42.1-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.osx.10.10-x64.runtime.native.System.Security.Cryptography.Apple/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-kVXCuMTrTlxq4XOOMAysuNwsXWpYeboGddNGpIgNSZmv1b6r/s/DPk0fYMB7Q5Qo4bY68o48jt4T4y5BVecbCQ==", + "path": "runtime.osx.10.10-x64.runtime.native.system.security.cryptography.apple/4.3.0", + "hashPath": "runtime.osx.10.10-x64.runtime.native.system.security.cryptography.apple.4.3.0.nupkg.sha512" + }, + "runtime.osx.10.10-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-X7IdhILzr4ROXd8mI1BUCQMSHSQwelUlBjF1JyTKCjXaOGn2fB4EKBxQbCK2VjO3WaWIdlXZL3W6TiIVnrhX4g==", + "path": "runtime.osx.10.10-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.osx.10.10-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.rhel.7-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-nyFNiCk/r+VOiIqreLix8yN+q3Wga9+SE8BCgkf+2BwEKiNx6DyvFjCgkfV743/grxv8jHJ8gUK4XEQw7yzRYg==", + "path": "runtime.rhel.7-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.rhel.7-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.ubuntu.14.04-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ytoewC6wGorL7KoCAvRfsgoJPJbNq+64k2SqW6JcOAebWsFUvCCYgfzQMrnpvPiEl4OrblUlhF2ji+Q1+SVLrQ==", + "path": "runtime.ubuntu.14.04-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.ubuntu.14.04-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.ubuntu.16.04-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-I8bKw2I8k58Wx7fMKQJn2R8lamboCAiHfHeV/pS65ScKWMMI0+wJkLYlEKvgW1D/XvSl/221clBoR2q9QNNM7A==", + "path": "runtime.ubuntu.16.04-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.ubuntu.16.04-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "runtime.ubuntu.16.10-x64.runtime.native.System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-VB5cn/7OzUfzdnC8tqAIMQciVLiq2epm2NrAm1E9OjNRyG4lVhfR61SMcLizejzQP8R8Uf/0l5qOIbUEi+RdEg==", + "path": "runtime.ubuntu.16.10-x64.runtime.native.system.security.cryptography.openssl/4.3.0", + "hashPath": "runtime.ubuntu.16.10-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "System.AppContext/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-fKC+rmaLfeIzUhagxY17Q9siv/sPrjjKcfNg1Ic8IlQkZLipo8ljcaZQu4VtI4Jqbzjc2VTjzGLF6WmsRXAEgA==", + "path": "system.appcontext/4.3.0", + "hashPath": "system.appcontext.4.3.0.nupkg.sha512" + }, + "System.Buffers/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ratu44uTIHgeBeI0dE8DWvmXVBSo4u7ozRZZHOMmK/JPpYyo0dAfgSiHlpiObMQ5lEtEyIXA40sKRYg5J6A8uQ==", + "path": "system.buffers/4.3.0", + "hashPath": "system.buffers.4.3.0.nupkg.sha512" + }, + "System.Collections/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-3Dcj85/TBdVpL5Zr+gEEBUuFe2icOnLalmEh9hfck1PTYbbyWuZgh4fmm2ysCLTrqLQw6t3TgTyJ+VLp+Qb+Lw==", + "path": "system.collections/4.3.0", + "hashPath": "system.collections.4.3.0.nupkg.sha512" + }, + "System.Collections.Concurrent/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ztl69Xp0Y/UXCL+3v3tEU+lIy+bvjKNUmopn1wep/a291pVPK7dxBd6T7WnlQqRog+d1a/hSsgRsmFnIBKTPLQ==", + "path": "system.collections.concurrent/4.3.0", + "hashPath": "system.collections.concurrent.4.3.0.nupkg.sha512" + }, + "System.Collections.NonGeneric/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-prtjIEMhGUnQq6RnPEYLpFt8AtLbp9yq2zxOSrY7KJJZrw25Fi97IzBqY7iqssbM61Ek5b8f3MG/sG1N2sN5KA==", + "path": "system.collections.nongeneric/4.3.0", + "hashPath": "system.collections.nongeneric.4.3.0.nupkg.sha512" + }, + "System.Collections.Specialized/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-Epx8PoVZR0iuOnJJDzp7pWvdfMMOAvpUo95pC4ScH2mJuXkKA2Y4aR3cG9qt2klHgSons1WFh4kcGW7cSXvrxg==", + "path": "system.collections.specialized/4.3.0", + "hashPath": "system.collections.specialized.4.3.0.nupkg.sha512" + }, + "System.ComponentModel/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-VyGn1jGRZVfxnh8EdvDCi71v3bMXrsu8aYJOwoV7SNDLVhiEqwP86pPMyRGsDsxhXAm2b3o9OIqeETfN5qfezw==", + "path": "system.componentmodel/4.3.0", + "hashPath": "system.componentmodel.4.3.0.nupkg.sha512" + }, + "System.ComponentModel.Annotations/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-dMkqfy2el8A8/I76n2Hi1oBFEbG1SfxD2l5nhwXV3XjlnOmwxJlQbYpJH4W51odnU9sARCSAgv7S3CyAFMkpYg==", + "path": "system.componentmodel.annotations/5.0.0", + "hashPath": "system.componentmodel.annotations.5.0.0.nupkg.sha512" + }, + "System.ComponentModel.Primitives/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-j8GUkCpM8V4d4vhLIIoBLGey2Z5bCkMVNjEZseyAlm4n5arcsJOeI3zkUP+zvZgzsbLTYh4lYeP/ZD/gdIAPrw==", + "path": "system.componentmodel.primitives/4.3.0", + "hashPath": "system.componentmodel.primitives.4.3.0.nupkg.sha512" + }, + "System.ComponentModel.TypeConverter/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-16pQ6P+EdhcXzPiEK4kbA953Fu0MNG2ovxTZU81/qsCd1zPRsKc3uif5NgvllCY598k6bI0KUyKW8fanlfaDQg==", + "path": "system.componentmodel.typeconverter/4.3.0", + "hashPath": "system.componentmodel.typeconverter.4.3.0.nupkg.sha512" + }, + "System.Configuration.ConfigurationManager/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-aM7cbfEfVNlEEOj3DsZP+2g9NRwbkyiAv2isQEzw7pnkDg9ekCU2m1cdJLM02Uq691OaCS91tooaxcEn8d0q5w==", + "path": "system.configuration.configurationmanager/5.0.0", + "hashPath": "system.configuration.configurationmanager.5.0.0.nupkg.sha512" + }, + "System.Console/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-DHDrIxiqk1h03m6khKWV2X8p/uvN79rgSqpilL6uzpmSfxfU5ng8VcPtW4qsDsQDHiTv6IPV9TmD5M/vElPNLg==", + "path": "system.console/4.3.0", + "hashPath": "system.console.4.3.0.nupkg.sha512" + }, + "System.Diagnostics.Debug/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-ZUhUOdqmaG5Jk3Xdb8xi5kIyQYAA4PnTNlHx1mu9ZY3qv4ELIdKbnL/akbGaKi2RnNUWaZsAs31rvzFdewTj2g==", + "path": "system.diagnostics.debug/4.3.0", + "hashPath": "system.diagnostics.debug.4.3.0.nupkg.sha512" + }, + "System.Diagnostics.DiagnosticSource/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-frQDfv0rl209cKm1lnwTgFPzNigy2EKk1BS3uAvHvlBVKe5cymGyHO+Sj+NLv5VF/AhHsqPIUUwya5oV4CHMUw==", + "path": "system.diagnostics.diagnosticsource/6.0.0", + "hashPath": "system.diagnostics.diagnosticsource.6.0.0.nupkg.sha512" + }, + "System.Diagnostics.Tools/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-UUvkJfSYJMM6x527dJg2VyWPSRqIVB0Z7dbjHst1zmwTXz5CcXSYJFWRpuigfbO1Lf7yfZiIaEUesfnl/g5EyA==", + "path": "system.diagnostics.tools/4.3.0", + "hashPath": "system.diagnostics.tools.4.3.0.nupkg.sha512" + }, + "System.Diagnostics.TraceSource/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-VnYp1NxGx8Ww731y2LJ1vpfb/DKVNKEZ8Jsh5SgQTZREL/YpWRArgh9pI8CDLmgHspZmLL697CaLvH85qQpRiw==", + "path": "system.diagnostics.tracesource/4.3.0", + "hashPath": "system.diagnostics.tracesource.4.3.0.nupkg.sha512" + }, + "System.Diagnostics.Tracing/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-rswfv0f/Cqkh78rA5S8eN8Neocz234+emGCtTF3lxPY96F+mmmUen6tbn0glN6PMvlKQb9bPAY5e9u7fgPTkKw==", + "path": "system.diagnostics.tracing/4.3.0", + "hashPath": "system.diagnostics.tracing.4.3.0.nupkg.sha512" + }, + "System.DirectoryServices/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-lAS54Y3KO1XV68akGa0/GJeddkkuuiv2CtcSkMiTmLHQ6o6kFbKpw4DmJZADF7a6KjPwYxmZnH4D3eGicrJdcg==", + "path": "system.directoryservices/5.0.0", + "hashPath": "system.directoryservices.5.0.0.nupkg.sha512" + }, + "System.Drawing.Common/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-SztFwAnpfKC8+sEKXAFxCBWhKQaEd97EiOL7oZJZP56zbqnLpmxACWA8aGseaUExciuEAUuR9dY8f7HkTRAdnw==", + "path": "system.drawing.common/5.0.0", + "hashPath": "system.drawing.common.5.0.0.nupkg.sha512" + }, + "System.Dynamic.Runtime/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-SNVi1E/vfWUAs/WYKhE9+qlS6KqK0YVhnlT0HQtr8pMIA8YX3lwy3uPMownDwdYISBdmAF/2holEIldVp85Wag==", + "path": "system.dynamic.runtime/4.3.0", + "hashPath": "system.dynamic.runtime.4.3.0.nupkg.sha512" + }, + "System.Globalization/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-kYdVd2f2PAdFGblzFswE4hkNANJBKRmsfa2X5LG2AcWE1c7/4t0pYae1L8vfZ5xvE2nK/R9JprtToA61OSHWIg==", + "path": "system.globalization/4.3.0", + "hashPath": "system.globalization.4.3.0.nupkg.sha512" + }, + "System.Globalization.Calendars/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-GUlBtdOWT4LTV3I+9/PJW+56AnnChTaOqqTLFtdmype/L500M2LIyXgmtd9X2P2VOkmJd5c67H5SaC2QcL1bFA==", + "path": "system.globalization.calendars/4.3.0", + "hashPath": "system.globalization.calendars.4.3.0.nupkg.sha512" + }, + "System.Globalization.Extensions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-FhKmdR6MPG+pxow6wGtNAWdZh7noIOpdD5TwQ3CprzgIE1bBBoim0vbR1+AWsWjQmU7zXHgQo4TWSP6lCeiWcQ==", + "path": "system.globalization.extensions/4.3.0", + "hashPath": "system.globalization.extensions.4.3.0.nupkg.sha512" + }, + "System.IO/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-3qjaHvxQPDpSOYICjUoTsmoq5u6QJAFRUITgeT/4gqkF1bajbSmb1kwSxEA8AHlofqgcKJcM8udgieRNhaJ5Cg==", + "path": "system.io/4.3.0", + "hashPath": "system.io.4.3.0.nupkg.sha512" + }, + "System.IO.Compression/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-YHndyoiV90iu4iKG115ibkhrG+S3jBm8Ap9OwoUAzO5oPDAWcr0SFwQFm0HjM8WkEZWo0zvLTyLmbvTkW1bXgg==", + "path": "system.io.compression/4.3.0", + "hashPath": "system.io.compression.4.3.0.nupkg.sha512" + }, + "System.IO.Compression.ZipFile/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-G4HwjEsgIwy3JFBduZ9quBkAu+eUwjIdJleuNSgmUojbH6O3mlvEIme+GHx/cLlTAPcrnnL7GqvB9pTlWRfhOg==", + "path": "system.io.compression.zipfile/4.3.0", + "hashPath": "system.io.compression.zipfile.4.3.0.nupkg.sha512" + }, + "System.IO.FileSystem/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-3wEMARTnuio+ulnvi+hkRNROYwa1kylvYahhcLk4HSoVdl+xxTFVeVlYOfLwrDPImGls0mDqbMhrza8qnWPTdA==", + "path": "system.io.filesystem/4.3.0", + "hashPath": "system.io.filesystem.4.3.0.nupkg.sha512" + }, + "System.IO.FileSystem.AccessControl/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-SxHB3nuNrpptVk+vZ/F+7OHEpoHUIKKMl02bUmYHQr1r+glbZQxs7pRtsf4ENO29TVm2TH3AEeep2fJcy92oYw==", + "path": "system.io.filesystem.accesscontrol/5.0.0", + "hashPath": "system.io.filesystem.accesscontrol.5.0.0.nupkg.sha512" + }, + "System.IO.FileSystem.Primitives/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-6QOb2XFLch7bEc4lIcJH49nJN2HV+OC3fHDgsLVsBVBk3Y4hFAnOBGzJ2lUu7CyDDFo9IBWkSsnbkT6IBwwiMw==", + "path": "system.io.filesystem.primitives/4.3.0", + "hashPath": "system.io.filesystem.primitives.4.3.0.nupkg.sha512" + }, + "System.Linq/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-5DbqIUpsDp0dFftytzuMmc0oeMdQwjcP/EWxsksIz/w1TcFRkZ3yKKz0PqiYFMmEwPSWw+qNVqD7PJ889JzHbw==", + "path": "system.linq/4.3.0", + "hashPath": "system.linq.4.3.0.nupkg.sha512" + }, + "System.Linq.Expressions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-PGKkrd2khG4CnlyJwxwwaWWiSiWFNBGlgXvJpeO0xCXrZ89ODrQ6tjEWS/kOqZ8GwEOUATtKtzp1eRgmYNfclg==", + "path": "system.linq.expressions/4.3.0", + "hashPath": "system.linq.expressions.4.3.0.nupkg.sha512" + }, + "System.Net.Http/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-sYg+FtILtRQuYWSIAuNOELwVuVsxVyJGWQyOnlAzhV4xvhyFnON1bAzYYC+jjRW8JREM45R0R5Dgi8MTC5sEwA==", + "path": "system.net.http/4.3.0", + "hashPath": "system.net.http.4.3.0.nupkg.sha512" + }, + "System.Net.Primitives/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-qOu+hDwFwoZPbzPvwut2qATe3ygjeQBDQj91xlsaqGFQUI5i4ZnZb8yyQuLGpDGivEPIt8EJkd1BVzVoP31FXA==", + "path": "system.net.primitives/4.3.0", + "hashPath": "system.net.primitives.4.3.0.nupkg.sha512" + }, + "System.Net.Sockets/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-m6icV6TqQOAdgt5N/9I5KNpjom/5NFtkmGseEH+AK/hny8XrytLH3+b5M8zL/Ycg3fhIocFpUMyl/wpFnVRvdw==", + "path": "system.net.sockets/4.3.0", + "hashPath": "system.net.sockets.4.3.0.nupkg.sha512" + }, + "System.ObjectModel/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-bdX+80eKv9bN6K4N+d77OankKHGn6CH711a6fcOpMQu2Fckp/Ft4L/kW9WznHpyR0NRAvJutzOMHNNlBGvxQzQ==", + "path": "system.objectmodel/4.3.0", + "hashPath": "system.objectmodel.4.3.0.nupkg.sha512" + }, + "System.Reflection/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-KMiAFoW7MfJGa9nDFNcfu+FpEdiHpWgTcS2HdMpDvt9saK3y/G4GwprPyzqjFH9NTaGPQeWNHU+iDlDILj96aQ==", + "path": "system.reflection/4.3.0", + "hashPath": "system.reflection.4.3.0.nupkg.sha512" + }, + "System.Reflection.Emit/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-228FG0jLcIwTVJyz8CLFKueVqQK36ANazUManGaJHkO0icjiIypKW7YLWLIWahyIkdh5M7mV2dJepllLyA1SKg==", + "path": "system.reflection.emit/4.3.0", + "hashPath": "system.reflection.emit.4.3.0.nupkg.sha512" + }, + "System.Reflection.Emit.ILGeneration/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-59tBslAk9733NXLrUJrwNZEzbMAcu8k344OYo+wfSVygcgZ9lgBdGIzH/nrg3LYhXceynyvTc8t5/GD4Ri0/ng==", + "path": "system.reflection.emit.ilgeneration/4.3.0", + "hashPath": "system.reflection.emit.ilgeneration.4.3.0.nupkg.sha512" + }, + "System.Reflection.Emit.Lightweight/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-oadVHGSMsTmZsAF864QYN1t1QzZjIcuKU3l2S9cZOwDdDueNTrqq1yRj7koFfIGEnKpt6NjpL3rOzRhs4ryOgA==", + "path": "system.reflection.emit.lightweight/4.3.0", + "hashPath": "system.reflection.emit.lightweight.4.3.0.nupkg.sha512" + }, + "System.Reflection.Extensions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-rJkrJD3kBI5B712aRu4DpSIiHRtr6QlfZSQsb0hYHrDCZORXCFjQfoipo2LaMUHoT9i1B7j7MnfaEKWDFmFQNQ==", + "path": "system.reflection.extensions/4.3.0", + "hashPath": "system.reflection.extensions.4.3.0.nupkg.sha512" + }, + "System.Reflection.Primitives/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-5RXItQz5As4xN2/YUDxdpsEkMhvw3e6aNveFXUn4Hl/udNTCNhnKp8lT9fnc3MhvGKh1baak5CovpuQUXHAlIA==", + "path": "system.reflection.primitives/4.3.0", + "hashPath": "system.reflection.primitives.4.3.0.nupkg.sha512" + }, + "System.Reflection.TypeExtensions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-7u6ulLcZbyxB5Gq0nMkQttcdBTx57ibzw+4IOXEfR+sXYQoHvjW5LTLyNr8O22UIMrqYbchJQJnos4eooYzYJA==", + "path": "system.reflection.typeextensions/4.3.0", + "hashPath": "system.reflection.typeextensions.4.3.0.nupkg.sha512" + }, + "System.Resources.ResourceManager/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-/zrcPkkWdZmI4F92gL/TPumP98AVDu/Wxr3CSJGQQ+XN6wbRZcyfSKVoPo17ilb3iOr0cCRqJInGwNMolqhS8A==", + "path": "system.resources.resourcemanager/4.3.0", + "hashPath": "system.resources.resourcemanager.4.3.0.nupkg.sha512" + }, + "System.Runtime/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-JufQi0vPQ0xGnAczR13AUFglDyVYt4Kqnz1AZaiKZ5+GICq0/1MH/mO/eAJHt/mHW1zjKBJd7kV26SrxddAhiw==", + "path": "system.runtime/4.3.0", + "hashPath": "system.runtime.4.3.0.nupkg.sha512" + }, + "System.Runtime.Caching/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-30D6MkO8WF9jVGWZIP0hmCN8l9BTY4LCsAzLIe4xFSXzs+AjDotR7DpSmj27pFskDURzUvqYYY0ikModgBTxWw==", + "path": "system.runtime.caching/5.0.0", + "hashPath": "system.runtime.caching.5.0.0.nupkg.sha512" + }, + "System.Runtime.CompilerServices.Unsafe/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-/iUeP3tq1S0XdNNoMz5C9twLSrM/TH+qElHkXWaPvuNOt+99G75NrV0OS2EqHx5wMN7popYjpc8oTjC1y16DLg==", + "path": "system.runtime.compilerservices.unsafe/6.0.0", + "hashPath": "system.runtime.compilerservices.unsafe.6.0.0.nupkg.sha512" + }, + "System.Runtime.Extensions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-guW0uK0fn5fcJJ1tJVXYd7/1h5F+pea1r7FLSOz/f8vPEqbR2ZAknuRDvTQ8PzAilDveOxNjSfr0CHfIQfFk8g==", + "path": "system.runtime.extensions/4.3.0", + "hashPath": "system.runtime.extensions.4.3.0.nupkg.sha512" + }, + "System.Runtime.Handles/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-OKiSUN7DmTWeYb3l51A7EYaeNMnvxwE249YtZz7yooT4gOZhmTjIn48KgSsw2k2lYdLgTKNJw/ZIfSElwDRVgg==", + "path": "system.runtime.handles/4.3.0", + "hashPath": "system.runtime.handles.4.3.0.nupkg.sha512" + }, + "System.Runtime.InteropServices/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-uv1ynXqiMK8mp1GM3jDqPCFN66eJ5w5XNomaK2XD+TuCroNTLFGeZ+WCmBMcBDyTFKou3P6cR6J/QsaqDp7fGQ==", + "path": "system.runtime.interopservices/4.3.0", + "hashPath": "system.runtime.interopservices.4.3.0.nupkg.sha512" + }, + "System.Runtime.InteropServices.RuntimeInformation/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-cbz4YJMqRDR7oLeMRbdYv7mYzc++17lNhScCX0goO2XpGWdvAt60CGN+FHdePUEHCe/Jy9jUlvNAiNdM+7jsOw==", + "path": "system.runtime.interopservices.runtimeinformation/4.3.0", + "hashPath": "system.runtime.interopservices.runtimeinformation.4.3.0.nupkg.sha512" + }, + "System.Runtime.Numerics/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-yMH+MfdzHjy17l2KESnPiF2dwq7T+xLnSJar7slyimAkUh/gTrS9/UQOtv7xarskJ2/XDSNvfLGOBQPjL7PaHQ==", + "path": "system.runtime.numerics/4.3.0", + "hashPath": "system.runtime.numerics.4.3.0.nupkg.sha512" + }, + "System.Security.AccessControl/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-dagJ1mHZO3Ani8GH0PHpPEe/oYO+rVdbQjvjJkBRNQkX4t0r1iaeGn8+/ybkSLEan3/slM0t59SVdHzuHf2jmw==", + "path": "system.security.accesscontrol/5.0.0", + "hashPath": "system.security.accesscontrol.5.0.0.nupkg.sha512" + }, + "System.Security.Cryptography.Algorithms/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-W1kd2Y8mYSCgc3ULTAZ0hOP2dSdG5YauTb1089T0/kRcN2MpSAW1izOFROrJgxSlMn3ArsgHXagigyi+ibhevg==", + "path": "system.security.cryptography.algorithms/4.3.0", + "hashPath": "system.security.cryptography.algorithms.4.3.0.nupkg.sha512" + }, + "System.Security.Cryptography.Cng/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-03idZOqFlsKRL4W+LuCpJ6dBYDUWReug6lZjBa3uJWnk5sPCUXckocevTaUA8iT/MFSrY/2HXkOt753xQ/cf8g==", + "path": "system.security.cryptography.cng/4.3.0", + "hashPath": "system.security.cryptography.cng.4.3.0.nupkg.sha512" + }, + "System.Security.Cryptography.Csp/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-X4s/FCkEUnRGnwR3aSfVIkldBmtURMhmexALNTwpjklzxWU7yjMk7GHLKOZTNkgnWnE0q7+BCf9N2LVRWxewaA==", + "path": "system.security.cryptography.csp/4.3.0", + "hashPath": "system.security.cryptography.csp.4.3.0.nupkg.sha512" + }, + "System.Security.Cryptography.Encoding/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-1DEWjZZly9ae9C79vFwqaO5kaOlI5q+3/55ohmq/7dpDyDfc8lYe7YVxJUZ5MF/NtbkRjwFRo14yM4OEo9EmDw==", + "path": "system.security.cryptography.encoding/4.3.0", + "hashPath": "system.security.cryptography.encoding.4.3.0.nupkg.sha512" + }, + "System.Security.Cryptography.OpenSsl/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-h4CEgOgv5PKVF/HwaHzJRiVboL2THYCou97zpmhjghx5frc7fIvlkY1jL+lnIQyChrJDMNEXS6r7byGif8Cy4w==", + "path": "system.security.cryptography.openssl/4.3.0", + "hashPath": "system.security.cryptography.openssl.4.3.0.nupkg.sha512" + }, + "System.Security.Cryptography.Primitives/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-7bDIyVFNL/xKeFHjhobUAQqSpJq9YTOpbEs6mR233Et01STBMXNAc/V+BM6dwYGc95gVh/Zf+iVXWzj3mE8DWg==", + "path": "system.security.cryptography.primitives/4.3.0", + "hashPath": "system.security.cryptography.primitives.4.3.0.nupkg.sha512" + }, + "System.Security.Cryptography.ProtectedData/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-HGxMSAFAPLNoxBvSfW08vHde0F9uh7BjASwu6JF9JnXuEPhCY3YUqURn0+bQV/4UWeaqymmrHWV+Aw9riQCtCA==", + "path": "system.security.cryptography.protecteddata/5.0.0", + "hashPath": "system.security.cryptography.protecteddata.5.0.0.nupkg.sha512" + }, + "System.Security.Cryptography.X509Certificates/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-t2Tmu6Y2NtJ2um0RtcuhP7ZdNNxXEgUm2JeoA/0NvlMjAhKCnM1NX07TDl3244mVp3QU6LPEhT3HTtH1uF7IYw==", + "path": "system.security.cryptography.x509certificates/4.3.0", + "hashPath": "system.security.cryptography.x509certificates.4.3.0.nupkg.sha512" + }, + "System.Security.Permissions/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-uE8juAhEkp7KDBCdjDIE3H9R1HJuEHqeqX8nLX9gmYKWwsqk3T5qZlPx8qle5DPKimC/Fy3AFTdV7HamgCh9qQ==", + "path": "system.security.permissions/5.0.0", + "hashPath": "system.security.permissions.5.0.0.nupkg.sha512" + }, + "System.Security.Principal.Windows/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-t0MGLukB5WAVU9bO3MGzvlGnyJPgUlcwerXn1kzBRjwLKixT96XV0Uza41W49gVd8zEMFu9vQEFlv0IOrytICA==", + "path": "system.security.principal.windows/5.0.0", + "hashPath": "system.security.principal.windows.5.0.0.nupkg.sha512" + }, + "System.Text.Encoding/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-BiIg+KWaSDOITze6jGQynxg64naAPtqGHBwDrLaCtixsa5bKiR8dpPOHA7ge3C0JJQizJE+sfkz1wV+BAKAYZw==", + "path": "system.text.encoding/4.3.0", + "hashPath": "system.text.encoding.4.3.0.nupkg.sha512" + }, + "System.Text.Encoding.Extensions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-YVMK0Bt/A43RmwizJoZ22ei2nmrhobgeiYwFzC4YAN+nue8RF6djXDMog0UCn+brerQoYVyaS+ghy9P/MUVcmw==", + "path": "system.text.encoding.extensions/4.3.0", + "hashPath": "system.text.encoding.extensions.4.3.0.nupkg.sha512" + }, + "System.Text.Encodings.Web/6.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-Vg8eB5Tawm1IFqj4TVK1czJX89rhFxJo9ELqc/Eiq0eXy13RK00eubyU6TJE6y+GQXjyV5gSfiewDUZjQgSE0w==", + "path": "system.text.encodings.web/6.0.0", + "hashPath": "system.text.encodings.web.6.0.0.nupkg.sha512" + }, + "System.Text.RegularExpressions/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-RpT2DA+L660cBt1FssIE9CAGpLFdFPuheB7pLpKpn6ZXNby7jDERe8Ua/Ne2xGiwLVG2JOqziiaVCGDon5sKFA==", + "path": "system.text.regularexpressions/4.3.0", + "hashPath": "system.text.regularexpressions.4.3.0.nupkg.sha512" + }, + "System.Threading/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-VkUS0kOBcUf3Wwm0TSbrevDDZ6BlM+b/HRiapRFWjM5O0NS0LviG0glKmFK+hhPDd1XFeSdU1GmlLhb2CoVpIw==", + "path": "system.threading/4.3.0", + "hashPath": "system.threading.4.3.0.nupkg.sha512" + }, + "System.Threading.Tasks/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-LbSxKEdOUhVe8BezB/9uOGGppt+nZf6e1VFyw6v3DN6lqitm0OSn2uXMOdtP0M3W4iMcqcivm2J6UgqiwwnXiA==", + "path": "system.threading.tasks/4.3.0", + "hashPath": "system.threading.tasks.4.3.0.nupkg.sha512" + }, + "System.Threading.Tasks.Extensions/4.5.4": { + "type": "package", + "serviceable": true, + "sha512": "sha512-zteT+G8xuGu6mS+mzDzYXbzS7rd3K6Fjb9RiZlYlJPam2/hU7JCBZBVEcywNuR+oZ1ncTvc/cq0faRr3P01OVg==", + "path": "system.threading.tasks.extensions/4.5.4", + "hashPath": "system.threading.tasks.extensions.4.5.4.nupkg.sha512" + }, + "System.Threading.Timer/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-Z6YfyYTCg7lOZjJzBjONJTFKGN9/NIYKSxhU5GRd+DTwHSZyvWp1xuI5aR+dLg+ayyC5Xv57KiY4oJ0tMO89fQ==", + "path": "system.threading.timer/4.3.0", + "hashPath": "system.threading.timer.4.3.0.nupkg.sha512" + }, + "System.Windows.Extensions/5.0.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-c1ho9WU9ZxMZawML+ssPKZfdnrg/OjR3pe0m9v8230z3acqphwvPJqzAkH54xRYm5ntZHGG1EPP3sux9H3qSPg==", + "path": "system.windows.extensions/5.0.0", + "hashPath": "system.windows.extensions.5.0.0.nupkg.sha512" + }, + "System.Xml.ReaderWriter/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-GrprA+Z0RUXaR4N7/eW71j1rgMnEnEVlgii49GZyAjTH7uliMnrOU3HNFBr6fEDBCJCIdlVNq9hHbaDR621XBA==", + "path": "system.xml.readerwriter/4.3.0", + "hashPath": "system.xml.readerwriter.4.3.0.nupkg.sha512" + }, + "System.Xml.XDocument/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-5zJ0XDxAIg8iy+t4aMnQAu0MqVbqyvfoUVl1yDV61xdo3Vth45oA2FoY4pPkxYAH5f8ixpmTqXeEIya95x0aCQ==", + "path": "system.xml.xdocument/4.3.0", + "hashPath": "system.xml.xdocument.4.3.0.nupkg.sha512" + }, + "System.Xml.XmlDocument/4.3.0": { + "type": "package", + "serviceable": true, + "sha512": "sha512-lJ8AxvkX7GQxpC6GFCeBj8ThYVyQczx2+f/cWHJU8tjS7YfI6Cv6bon70jVEgs2CiFbmmM8b9j1oZVx0dSI2Ww==", + "path": "system.xml.xmldocument/4.3.0", + "hashPath": "system.xml.xmldocument.4.3.0.nupkg.sha512" + }, + "Keyfactor.Extensions.Orchestrator.CitricAdc/1.0.0": { + "type": "project", + "serviceable": false, + "sha512": "" + }, + "nitro/0.0.0.0": { + "type": "reference", + "serviceable": false, + "sha512": "" + } + } +} \ No newline at end of file diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.dll new file mode 100644 index 0000000..504498f Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.exe b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.exe new file mode 100644 index 0000000..48c4c40 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.exe differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.pdb b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.pdb new file mode 100644 index 0000000..bcd1c13 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.pdb differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.runtimeconfig.json b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.runtimeconfig.json new file mode 100644 index 0000000..4986d16 --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/CitrixAdcTestConsole.runtimeconfig.json @@ -0,0 +1,9 @@ +{ + "runtimeOptions": { + "tfm": "net6.0", + "framework": { + "name": "Microsoft.NETCore.App", + "version": "6.0.0" + } + } +} \ No newline at end of file diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Inventory.json b/CitrixAdcTestConsole/bin/Debug/net6.0/Inventory.json new file mode 100644 index 0000000..5b485f2 --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/Inventory.json @@ -0,0 +1,21 @@ +{ + "LastInventory": [], + "CertificateStoreDetails": { + "ClientMachine": "ClientMachineGoesHere", + "StorePath": "/", + "StorePassword": "", + "Properties": "{\"ServerUsername\":\"UserNameGoesHere\",\"ServerPassword\":\"PasswordGoesHere\",\"ServerUseSsl\":\"true\",\"DeviceGroup\":\"\"}", + "Type": 105 + }, + "JobCancelled": false, + "ServerError": null, + "JobHistoryId": 22892, + "RequestStatus": 1, + "ServerUsername": "UserNameGoesHere", + "ServerPassword": "PasswordGoesHere", + "UseSSL": true, + "JobProperties": null, + "JobTypeId": "00000000-0000-0000-0000-000000000000", + "JobId": "ffca3981-adb2-4a7f-af09-4d0e1ac380b1", + "Capability": "CertStores.CitricAdc.Inventory" +} \ No newline at end of file diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Common.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Common.dll new file mode 100644 index 0000000..afddb7a Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Common.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Extensions.Orchestrator.CitricAdc.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Extensions.Orchestrator.CitricAdc.dll new file mode 100644 index 0000000..f6e3a35 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Extensions.Orchestrator.CitricAdc.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Extensions.Orchestrator.CitricAdc.pdb b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Extensions.Orchestrator.CitricAdc.pdb new file mode 100644 index 0000000..ede3d43 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Extensions.Orchestrator.CitricAdc.pdb differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Logging.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Logging.dll new file mode 100644 index 0000000..affc313 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Logging.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Orchestrators.Common.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Orchestrators.Common.dll new file mode 100644 index 0000000..3ace63e Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Orchestrators.Common.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Orchestrators.IOrchestratorJobExtensions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Orchestrators.IOrchestratorJobExtensions.dll new file mode 100644 index 0000000..60407f6 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Keyfactor.Orchestrators.IOrchestratorJobExtensions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Management.json b/CitrixAdcTestConsole/bin/Debug/net6.0/Management.json new file mode 100644 index 0000000..5e2f13d --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/Management.json @@ -0,0 +1,32 @@ +{ + "LastInventory": [], + "CertificateStoreDetails": { + "ClientMachine": "ClientMachineGoesHere", + "StorePath": "TemplateNameGoesHere", + "StorePassword": null, + "Properties": "{\"ServerUsername\":\"UserNameGoesHere\",\"ServerPassword\":\"PasswordGoesHere\",\"ServerUseSsl\":\"true\",\"DeviceGroup\":\"DeviceGroupGoesHere\"}", + "Type": 105 + }, + "OperationType": 2, + "Overwrite": false, + "JobCertificate": { + "Thumbprint": null, + "Contents": "CertificateContentGoesHere", + "Alias": "AliasGoesHere", + "PrivateKeyPassword": "sldfklsdfsldjfk" + }, + "JobCancelled": false, + "ServerError": null, + "JobHistoryId": 22907, + "RequestStatus": 1, + "ServerUsername": "UserNameGoesHere", + "ServerPassword": "PasswordGoesHere", + "UseSSL": true, + "JobProperties": { + "virtualServerName": "virtualServerNameGoesHere", + "sniCert": "false" + }, + "JobTypeId": "00000000-0000-0000-0000-000000000000", + "JobId": "6808e1a2-04bb-4008-89fc-649662c0cd2b", + "Capability": "CertStores.CitricAdc.Management" +} \ No newline at end of file diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/ManagementRemove.json b/CitrixAdcTestConsole/bin/Debug/net6.0/ManagementRemove.json new file mode 100644 index 0000000..7b4cc42 --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/ManagementRemove.json @@ -0,0 +1,31 @@ +{ + "LastInventory": [], + "CertificateStoreDetails": { + "ClientMachine": "ClientMachineGoesHere", + "StorePath": "TemplateNameGoesHere", + "StorePassword": null, + "Properties": "{\"ServerUsername\":\"UserNameGoesHere\",\"ServerPassword\":\"PasswordGoesHere\",\"ServerUseSsl\":\"true\",\"DeviceGroup\":\"DeviceGroupGoesHere\"}", + "Type": 105 + }, + "OperationType": 3, + "Overwrite": false, + "JobCertificate": { + "Thumbprint": null, + "Contents": "", + "Alias": "AliasGoesHere", + "PrivateKeyPassword": null + }, + "JobCancelled": false, + "ServerError": null, + "JobHistoryId": 22908, + "RequestStatus": 1, + "ServerUsername": "UserNameGoesHere", + "ServerPassword": "PasswordGoesHere", + "UseSSL": true, + "JobProperties": { + "virtualServerName": "virtualServerNameGoesHere" + }, + "JobTypeId": "00000000-0000-0000-0000-000000000000", + "JobId": "ba6248e2-eb3f-4403-9974-8df0e9f15f98", + "Capability": "CertStores.CitricAdc.Management" +} \ No newline at end of file diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/ManagementRenew.json b/CitrixAdcTestConsole/bin/Debug/net6.0/ManagementRenew.json new file mode 100644 index 0000000..4e0476f --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/ManagementRenew.json @@ -0,0 +1 @@ +{ "LastInventory": [], "CertificateStoreDetails": { "ClientMachine": "ClientMachineGoesHere", "StorePath": "TemplateNameGoesHere", "StorePassword": null, "Properties": "{\"ServerUsername\":\"UserNameGoesHere\",\"ServerPassword\":\"PasswordGoesHere\",\"ServerUseSsl\":\"true\",\"DeviceGroup\":\"DeviceGroupGoesHere\"}", "Type": 105 }, "OperationType": 2, "Overwrite": false, "JobCertificate": { "Thumbprint": null, "Contents": "CertificateContentGoesHere", "Alias": "AliasGoesHere", "PrivateKeyPassword": "sldfklsdfsldjfk" }, "JobCancelled": false, "ServerError": null, "JobHistoryId": 22907, "RequestStatus": 1, "ServerUsername": "UserNameGoesHere", "ServerPassword": "PasswordGoesHere", "UseSSL": true, "JobProperties": { "virtualServerName": "virtualServerNameGoesHere", "RenewalThumbprint": "ThumbprintGoesHere", "sniCert": "false" }, "JobTypeId": "00000000-0000-0000-0000-000000000000", "JobId": "6808e1a2-04bb-4008-89fc-649662c0cd2b", "Capability": "CertStores.PaloAlto.Management"} \ No newline at end of file diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Abstractions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Abstractions.dll new file mode 100644 index 0000000..dd5ebe2 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Abstractions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Binder.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Binder.dll new file mode 100644 index 0000000..cded0f2 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Binder.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.FileExtensions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.FileExtensions.dll new file mode 100644 index 0000000..c0bc056 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.FileExtensions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Json.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Json.dll new file mode 100644 index 0000000..77875f3 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.Json.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.dll new file mode 100644 index 0000000..4e5c5d8 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Configuration.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.DependencyInjection.Abstractions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.DependencyInjection.Abstractions.dll new file mode 100644 index 0000000..b4ee93d Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.DependencyInjection.Abstractions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.DependencyInjection.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.DependencyInjection.dll new file mode 100644 index 0000000..97525f7 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.DependencyInjection.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileProviders.Abstractions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileProviders.Abstractions.dll new file mode 100644 index 0000000..2ab3e58 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileProviders.Abstractions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileProviders.Physical.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileProviders.Physical.dll new file mode 100644 index 0000000..826974b Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileProviders.Physical.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileSystemGlobbing.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileSystemGlobbing.dll new file mode 100644 index 0000000..7ca25d5 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.FileSystemGlobbing.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Logging.Abstractions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Logging.Abstractions.dll new file mode 100644 index 0000000..bb27a2f Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Logging.Abstractions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Logging.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Logging.dll new file mode 100644 index 0000000..9e2d7f9 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Logging.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Options.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Options.dll new file mode 100644 index 0000000..604b602 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Options.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Primitives.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Primitives.dll new file mode 100644 index 0000000..1b2c43a Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Extensions.Primitives.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Win32.SystemEvents.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Win32.SystemEvents.dll new file mode 100644 index 0000000..d62f333 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Microsoft.Win32.SystemEvents.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Moq.AutoMock.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Moq.AutoMock.dll new file mode 100644 index 0000000..e282611 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Moq.AutoMock.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Moq.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Moq.dll new file mode 100644 index 0000000..5be05c4 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Moq.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/Newtonsoft.Json.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/Newtonsoft.Json.dll new file mode 100644 index 0000000..b501fb6 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/Newtonsoft.Json.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/RestSharp.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/RestSharp.dll new file mode 100644 index 0000000..a3241b6 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/RestSharp.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.Configuration.ConfigurationManager.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Configuration.ConfigurationManager.dll new file mode 100644 index 0000000..1644e5d Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Configuration.ConfigurationManager.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.DirectoryServices.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.DirectoryServices.dll new file mode 100644 index 0000000..65d58a1 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.DirectoryServices.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.Drawing.Common.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Drawing.Common.dll new file mode 100644 index 0000000..2ca2eb5 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Drawing.Common.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.Runtime.Caching.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Runtime.Caching.dll new file mode 100644 index 0000000..6a6eb85 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Runtime.Caching.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.Security.Cryptography.ProtectedData.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Security.Cryptography.ProtectedData.dll new file mode 100644 index 0000000..ffe1c6f Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Security.Cryptography.ProtectedData.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.Security.Permissions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Security.Permissions.dll new file mode 100644 index 0000000..b380d08 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Security.Permissions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/System.Windows.Extensions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Windows.Extensions.dll new file mode 100644 index 0000000..316eb46 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/System.Windows.Extensions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/config.json b/CitrixAdcTestConsole/bin/Debug/net6.0/config.json new file mode 100644 index 0000000..470027d --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/config.json @@ -0,0 +1,3 @@ +{ + "AutoSaveConfig": "N" +} diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/manifest.json b/CitrixAdcTestConsole/bin/Debug/net6.0/manifest.json new file mode 100644 index 0000000..180df6a --- /dev/null +++ b/CitrixAdcTestConsole/bin/Debug/net6.0/manifest.json @@ -0,0 +1,14 @@ +{ + "extensions": { + "Keyfactor.Orchestrators.Extensions.IOrchestratorJobExtension": { + "CertStores.CitrixAdc.Inventory": { + "assemblypath": "Keyfactor.Extensions.Orchestrator.CitricAdc.dll", + "TypeFullName": "Keyfactor.Extensions.Orchestrator.CitricAdc.Inventory" + }, + "CertStores.CitrixAdc.Management": { + "assemblypath": "Keyfactor.Extensions.Orchestrator.CitricAdc.dll", + "TypeFullName": "Keyfactor.Extensions.Orchestrator.CitricAdc.Management" + } + } + } +} diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/nitro.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/nitro.dll new file mode 100644 index 0000000..d94cb2f Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/nitro.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/unix/lib/netcoreapp3.0/System.Drawing.Common.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/unix/lib/netcoreapp3.0/System.Drawing.Common.dll new file mode 100644 index 0000000..aad03ed Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/unix/lib/netcoreapp3.0/System.Drawing.Common.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp2.0/System.DirectoryServices.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp2.0/System.DirectoryServices.dll new file mode 100644 index 0000000..e43577d Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp2.0/System.DirectoryServices.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll new file mode 100644 index 0000000..b5aa0c4 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/System.Drawing.Common.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/System.Drawing.Common.dll new file mode 100644 index 0000000..87fe0ae Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/System.Drawing.Common.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/System.Windows.Extensions.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/System.Windows.Extensions.dll new file mode 100644 index 0000000..ab82e83 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netcoreapp3.0/System.Windows.Extensions.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netstandard2.0/System.Runtime.Caching.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netstandard2.0/System.Runtime.Caching.dll new file mode 100644 index 0000000..432ebb4 Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netstandard2.0/System.Runtime.Caching.dll differ diff --git a/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netstandard2.0/System.Security.Cryptography.ProtectedData.dll b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netstandard2.0/System.Security.Cryptography.ProtectedData.dll new file mode 100644 index 0000000..99215bb Binary files /dev/null and b/CitrixAdcTestConsole/bin/Debug/net6.0/runtimes/win/lib/netstandard2.0/System.Security.Cryptography.ProtectedData.dll differ diff --git a/Images/CertStore.gif b/Images/CertStore.gif deleted file mode 100644 index 956aa8d..0000000 Binary files a/Images/CertStore.gif and /dev/null differ diff --git a/Images/CertStoreTypeSettings.gif b/Images/CertStoreTypeSettings.gif deleted file mode 100644 index dd45a8f..0000000 Binary files a/Images/CertStoreTypeSettings.gif and /dev/null differ diff --git a/Images/TC1.gif b/Images/TC1.gif deleted file mode 100644 index 50e23b7..0000000 Binary files a/Images/TC1.gif and /dev/null differ diff --git a/Images/TC10.gif b/Images/TC10.gif deleted file mode 100644 index 2e996db..0000000 Binary files a/Images/TC10.gif and /dev/null differ diff --git a/Images/TC11.gif b/Images/TC11.gif deleted file mode 100644 index 5d75d20..0000000 Binary files a/Images/TC11.gif and /dev/null differ diff --git a/Images/TC12.gif b/Images/TC12.gif deleted file mode 100644 index 6e6fc5d..0000000 Binary files a/Images/TC12.gif and /dev/null differ diff --git a/Images/TC13.gif b/Images/TC13.gif deleted file mode 100644 index cd28917..0000000 Binary files a/Images/TC13.gif and /dev/null differ diff --git a/Images/TC14.gif b/Images/TC14.gif deleted file mode 100644 index 9d84a13..0000000 Binary files a/Images/TC14.gif and /dev/null differ diff --git a/Images/TC2.gif b/Images/TC2.gif deleted file mode 100644 index 97e46da..0000000 Binary files a/Images/TC2.gif and /dev/null differ diff --git a/Images/TC3.gif b/Images/TC3.gif deleted file mode 100644 index 892ad1f..0000000 Binary files a/Images/TC3.gif and /dev/null differ diff --git a/Images/TC4.gif b/Images/TC4.gif deleted file mode 100644 index 89d885f..0000000 Binary files a/Images/TC4.gif and /dev/null differ diff --git a/Images/TC5.gif b/Images/TC5.gif deleted file mode 100644 index 9c911f1..0000000 Binary files a/Images/TC5.gif and /dev/null differ diff --git a/Images/TC6.gif b/Images/TC6.gif deleted file mode 100644 index bb90bed..0000000 Binary files a/Images/TC6.gif and /dev/null differ diff --git a/Images/TC7.gif b/Images/TC7.gif deleted file mode 100644 index e2e484f..0000000 Binary files a/Images/TC7.gif and /dev/null differ diff --git a/Images/TC8.gif b/Images/TC8.gif deleted file mode 100644 index 72b37f8..0000000 Binary files a/Images/TC8.gif and /dev/null differ diff --git a/Images/TC9.gif b/Images/TC9.gif deleted file mode 100644 index e7ac907..0000000 Binary files a/Images/TC9.gif and /dev/null differ diff --git a/README.md b/README.md index 60eca85..bc222e7 100644 --- a/README.md +++ b/README.md @@ -1,253 +1,273 @@ +

+ Citrix Netscaler Universal Orchestrator Extension +

+ +

+ +Integration Status: production +Release +Issues +GitHub Downloads (all assets, all releases) +

-# Citrix Netscaler Universal Orchestrator +

+ + + Support + + · + + Installation + + · + + License + + · + + Related Integrations + +

-Orchestrator to manage certificates and keys on one to many VServers in Netscaler. The integration supports Enrollment, Renewal, Inventory and Remove from Store. +## Overview -#### Integration status: Production - Ready for use in production environments. +The Citrix ADC Orchestrator remotely manages certificate objects on a Citrix ADC device. Since the ADC supports services including: +Load Balancing, Authentication/Authorization/Auditing (AAA), and Gateways, this orchestrator can bind to any of these virtual servers when using unique virtual server names for each service. -## About the Keyfactor Universal Orchestrator Extension -This repository contains a Universal Orchestrator Extension which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications. -The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Extensions, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Extension see below in this readme. +## Compatibility -The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator. +This integration is compatible with Keyfactor Universal Orchestrator version 10.4 and later. -## Support for Citrix Netscaler Universal Orchestrator +## Support +The Citrix Netscaler Universal Orchestrator extension is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket with your Keyfactor representative. If you have a support issue, please open a support ticket via the Keyfactor Support Portal at https://support.keyfactor.com. + +> To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab. -Citrix Netscaler Universal Orchestrator is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket via the Keyfactor Support Portal at https://support.keyfactor.com +## Requirements & Prerequisites -###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab. +Before installing the Citrix Netscaler Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command. ---- +The Citrix ADC user needs permission to perform the following API calls: ---- +API Endpoint|Methods +---|--- +/nitro/v1/config/login|post +/nitro/v1/config/lbvserver| get +/nitro/v1/config/sslcertkey| get, update, add, delete +/nitro/v1/config/sslcertkey_service_binding| get, update, add, delete +/nitro/v1/config/systemfile| get, add, delete +Here is a sample policy with Min Permissions: +* Action: +Allow +* Command Spec: +(^stat\s+(cr|cs|lb|system|vpn))|(^(add|rm|show)\s+system\s+file\s+.*)|(^\S+\s+ssl\s+.*)|(^(show|stat|sync)\s+HA\s+.*)|(^save\s+ns\s+config)|(^(switch|show)\s+ns\s+partition.*) -## Keyfactor Version Supported +## Create the CitrixAdc Certificate Store Type -The minimum version of the Keyfactor Universal Orchestrator Framework needed to run this version of the extension is 10.1 -## Platform Specific Notes +To use the Citrix Netscaler Universal Orchestrator extension, you **must** create the CitrixAdc Certificate Store Type. This only needs to happen _once_ per Keyfactor Command instance. -The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running. -| Operation | Win | Linux | -|-----|-----|------| -|Supports Management Add|✓ |✓ | -|Supports Management Remove|✓ |✓ | -|Supports Create Store| | | -|Supports Discovery| | | -|Supports Reenrollment| | | -|Supports Inventory|✓ |✓ | -## PAM Integration +* **Create CitrixAdc using kfutil**: -This orchestrator extension has the ability to connect to a variety of supported PAM providers to allow for the retrieval of various client hosted secrets right from the orchestrator server itself. This eliminates the need to set up the PAM integration on Keyfactor Command which may be in an environment that the client does not want to have access to their PAM provider. + ```shell + # CitrixAdc + kfutil store-types create CitrixAdc + ``` -The secrets that this orchestrator extension supports for use with a PAM Provider are: +* **Create CitrixAdc manually in the Command UI**: +
Create CitrixAdc manually in the Command UI -|Name|Description| -|----|-----------| -|ServerUsername|The user id that will be used to authenticate into the server hosting the store| -|ServerPassword|The password that will be used to authenticate into the server hosting the store| -|StorePassword|The optional password used to secure the certificate store being managed| + Create a store type called `CitrixAdc` with the attributes in the tables below: -It is not necessary to use a PAM Provider for all of the secrets available above. If a PAM Provider should not be used, simply enter in the actual value to be used, as normal. + #### Basic Tab + | Attribute | Value | Description | + | --------- | ----- | ----- | + | Name | CitrixAdc | Display name for the store type (may be customized) | + | Short Name | CitrixAdc | Short display name for the store type | + | Capability | CitrixAdc | Store type name orchestrator will register with. Check the box to allow entry of value | + | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | + | Supports Remove | ✅ Checked | Check the box. Indicates that the Store Type supports Management Remove | + | Supports Discovery | 🔲 Unchecked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | 🔲 Unchecked | Indicates that the Store Type supports store creation | + | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | + | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | + | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | + | Requires Store Password | 🔲 Unchecked | Enables users to optionally specify a store password when defining a Certificate Store. | + | Supports Entry Password | 🔲 Unchecked | Determines if an individual entry within a store can have a password. | -If a PAM Provider will be used for one of the fields above, start by referencing the [Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam). The GitHub repo for the PAM Provider to be used contains important information such as the format of the `json` needed. What follows is an example but does not reflect the `json` values for all PAM Providers as they have different "instance" and "initialization" parameter names and values. + The Basic tab should look like this: -
General PAM Provider Configuration -

+ ![CitrixAdc Basic Tab](docsource/images/CitrixAdc-basic-store-type-dialog.png) + #### Advanced Tab + | Attribute | Value | Description | + | --------- | ----- | ----- | + | Supports Custom Alias | Required | Determines if an individual entry within a store can have a custom Alias. | + | Private Key Handling | Required | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | + The Advanced tab should look like this: -### Example PAM Provider Setup + ![CitrixAdc Advanced Tab](docsource/images/CitrixAdc-advanced-store-type-dialog.png) -To use a PAM Provider to resolve a field, in this example the __Server Password__ will be resolved by the `Hashicorp-Vault` provider, first install the PAM Provider extension from the [Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) on the Universal Orchestrator. + #### Custom Fields Tab + Custom fields operate at the certificate store level and are used to control how the orchestrator connects to the remote target server containing the certificate store to be managed. The following custom fields should be added to the store type: -Next, complete configuration of the PAM Provider on the UO by editing the `manifest.json` of the __PAM Provider__ (e.g. located at extensions/Hashicorp-Vault/manifest.json). The "initialization" parameters need to be entered here: + | Name | Display Name | Description | Type | Default Value/Options | Required | + | ---- | ------------ | ---- | --------------------- | -------- | ----------- | + | linkToIssuer | Link To Issuer | Determines whether an attempt will be made to link the added certificate (via a Management-Add job) to its issuing CA certificate. | Bool | false | 🔲 Unchecked | -~~~ json - "Keyfactor:PAMProviders:Hashicorp-Vault:InitializationInfo": { - "Host": "http://127.0.0.1:8200", - "Path": "v1/secret/data", - "Token": "xxxxxx" - } -~~~ + The Custom Fields tab should look like this: -After these values are entered, the Orchestrator needs to be restarted to pick up the configuration. Now the PAM Provider can be used on other Orchestrator Extensions. + ![CitrixAdc Custom Fields Tab](docsource/images/CitrixAdc-custom-fields-store-type-dialog.png) -### Use the PAM Provider -With the PAM Provider configured as an extenion on the UO, a `json` object can be passed instead of an actual value to resolve the field with a PAM Provider. Consult the [Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) for the specific format of the `json` object. -To have the __Server Password__ field resolved by the `Hashicorp-Vault` provider, the corresponding `json` object from the `Hashicorp-Vault` extension needs to be copied and filed in with the correct information: -~~~ json -{"Secret":"my-kv-secret","Key":"myServerPassword"} -~~~ + #### Entry Parameters Tab -This text would be entered in as the value for the __Server Password__, instead of entering in the actual password. The Orchestrator will attempt to use the PAM Provider to retrieve the __Server Password__. If PAM should not be used, just directly enter in the value for the field. -

-
+ | Name | Display Name | Description | Type | Default Value | Entry has a private key | Adding an entry | Removing an entry | Reenrolling an entry | + | ---- | ------------ | ---- | ------------- | ----------------------- | ---------------- | ----------------- | ------------------- | ----------- | + | virtualServerName | Virtual Server Name | When adding a certificate, this can be a single VServer name or a comma separated list of VServers to bind to Note: must match the number of Virtual SNI Cert values. | String | | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | + | sniCert | SNI Cert | When adding a certificate, this can be a single boolean value (true/false) or a comma separated list of boolean values to determine whether the binding should use server name indication. Note: must match the number of Virtual Server Name values. | String | | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | + The Entry Parameters tab should look like this: + ![CitrixAdc Entry Parameters Tab](docsource/images/CitrixAdc-entry-parameters-store-type-dialog.png) ---- +
-# Citrix ADC Orchestrator Configuration -## Overview +## Installation -The Citrix ADC Orchestrator remotely manages certificates on the NetScaler device. Since the ADC supports services including: -Load Balancing, Authentication/Authorization/Auditing (AAA), and Gateways, this orchestrator can bind to any of these virtual servers when using unique virtual server names for each service. +1. **Download the latest Citrix Netscaler Universal Orchestrator extension from GitHub.** -### Permissions + Navigate to the [Citrix Netscaler Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/citrix-adc-orchestrator/releases/latest). Refer to the compatibility matrix below to determine whether the `net6.0` or `net8.0` asset should be downloaded. Then, click the corresponding asset to download the zip archive. + | Universal Orchestrator Version | Latest .NET version installed on the Universal Orchestrator server | `rollForward` condition in `Orchestrator.runtimeconfig.json` | `citrix-adc-orchestrator` .NET version to download | + | --------- | ----------- | ----------- | ----------- | + | Older than `11.0.0` | | | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net6.0` | | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Never` | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` | + | `11.6` _and_ newer | `net8.0` | | `net8.0` | -The NetScaler user needs permission to perform the following API calls: + Unzip the archive containing extension assemblies to a known location. -API Endpoint|Methods ----|--- -/nitro/v1/config/login|post -/nitro/v1/config/lbvserver| get -/nitro/v1/config/sslcertkey| get, update, add, delete -/nitro/v1/config/sslcertkey_service_binding| get, update, add, delete -/nitro/v1/config/systemfile| get, add, delete + > **Note** If you don't see an asset with a corresponding .NET version, you should always assume that it was compiled for `net6.0`. + +2. **Locate the Universal Orchestrator extensions directory.** + + * **Default on Windows** - `C:\Program Files\Keyfactor\Keyfactor Orchestrator\extensions` + * **Default on Linux** - `/opt/keyfactor/orchestrator/extensions` + +3. **Create a new directory for the Citrix Netscaler Universal Orchestrator extension inside the extensions directory.** + + Create a new directory called `citrix-adc-orchestrator`. + > The directory name does not need to match any names used elsewhere; it just has to be unique within the extensions directory. + +4. **Copy the contents of the downloaded and unzipped assemblies from __step 2__ to the `citrix-adc-orchestrator` directory.** + +5. **Restart the Universal Orchestrator service.** + + Refer to [Starting/Restarting the Universal Orchestrator service](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/StarttheService.htm). + + + +> The above installation steps can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/CustomExtensions.htm?Highlight=extensions). -Here is a sample policy with Min Permissions: -* Action: -Allow -* Command Spec: -(^stat\s+(cr|cs|lb|system|vpn))|(^(add|rm|show)\s+system\s+file\s+.*)|(^\S+\s+ssl\s+.*)|(^(show|stat|sync)\s+HA\s+.*)|(^save\s+ns\s+config)|(^(switch|show)\s+ns\s+partition.*) +## Post Installation -### Upgrade Procedures +An optional config.json configuration file has been provided in the extensions folder with a single setting - AutoSaveConfig. Setting this value to "Y" means successful changes made by a management job will automatically be saved to disk; no interaction with the Citrix ADC UI is necessary. Setting this value to "N" (or if the config entry or config file is missing) will keep these changes in memory only. -* Upgrade From v1.0.2 to v2.0.0 - * In the Keyfactor Command Database, run the following SQL Script to update the store types and store information [Upgrade Script](https://github.com/Keyfactor/citrix-adc-orchestrator/blob/snipamupdates/UpgradeScript.sql) +**NOTE:** Any changes in-process through the Citrix ADC UI will also be persisted to disk when a management job is performed and the AutoSaveConfig flag is set to 'Y'. -### Below are specific notes and limitations -* Direct PFX Binding Inventory - * In NetScaler you can directly Bind a Pfx file to a Virtual Server. Keyfactor cannot inventory these because it does not have access to the password. The recommended way to Import PFX Files in NetScaler is descibed in this [NetScaler Documentation](https://docs.netscaler.com/en-us/citrix-adc/12-1/ssl/ssl-certificates/export-existing-certs-keys.html#convert-ssl-certificates-for-import-or-export) +## Defining Certificate Stores -* Specifiy Multiple VServers and Sni Flags - * When Binding to Multiple VServers and using Multiple SniFlags, you must use a comma separated list of values as described in Test Case 13 in the Test Cases Section. This will change in future version, so each binding is a store in Keyfactor. -* Down Time When Replacing Certs - * The orchestrator uses [NetScaler recommended methods](https://docs.netscaler.com/en-us/citrix-adc/12-1/ssl/ssl-certificates/add-group-certs.html) to replace bound certs which creates a sub second blip of downtime. There is currently no way around this if you want readable keypair names. -* Removing Certs from Store - * As defined in Test Cases 5 and 13 below, certificates that are bound to a server will not be removed. This was done to limit the possibility of bringing production servers down. Users are currently required to manually unbind the certificate from the server and then remove the cert using Command. This requirement may change in a future version. +* **Manually with the Command UI** -* Renewals - * The renewal process will find the thumbprint of the cert on all VServers and renew them in all places. See test cases #6 and #10 in the Test Cases section. - -* AutoSave Config - * A new config.json file in the extension folder contains the 'AutoSaveConfig' flag with a default value of 'N'. When this flag is set to 'Y', successful configuration changes made by a management job will be automatically saved to disk; no interaction with the Citrix ADC UI is necessary. - - **NOTE:** Any changes in-process through the Citrix ADC UI will also be persisted to disk when a management job is performed and the AutoSaveConfig flag is set to 'Y'. +
Create Certificate Stores manually in the UI -* Support for Virtual Authentication Servers & Gateways - * When performing management operations to either of services, Users may enter the specific VServer name to complete the operation. + 1. **Navigate to the _Certificate Stores_ page in Keyfactor Command.** - **NOTE:** If multiple VServers share the same Alias, all VServers that share that alias will be updated. + Log into Keyfactor Command, toggle the _Locations_ dropdown, and click _Certificate Stores_. -* Supports optional linking of added certificates to issuing CA certificate if issuing CA is already installed in the managed Netscaler instance. + 2. **Add a Certificate Store.** -
- Cert Store Type Settings -
+ Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. + | Attribute | Description | + | --------- | ----------- | + | Category | Select "CitrixAdc" or the customized certificate store name from the previous step. | + | Container | Optional container to associate certificate store with. | + | Client Machine | The DNS or IP Address of the Citrix ADC Appliance. | + | Store Path | The path where certificate files are located on the Citrix ADC appliance. This value will likely be /nsconfig/ssl/ | + | Orchestrator | Select an approved orchestrator capable of managing `CitrixAdc` certificates. Specifically, one with the `CitrixAdc` capability. | + | linkToIssuer | Determines whether an attempt will be made to link the added certificate (via a Management-Add job) to its issuing CA certificate. | -![](Images/CertStoreTypeSettings.gif) -**Basic Settings** + -CONFIG ELEMENT | VALUE | DESCRIPTION -------------------|------------------|---------------- -Name |Citrix ADC |A descriptive name for the extension. Example: CitrixAdc -Short Name|CitrixADC|The short name that identifies the registered functionality of the orchestrator. Must be CitrixAdc. -Custom Capability|Unchecked|Store type name orchestrator will register with. -Supported Job Types|Inventory, Add, Remove |Job types this extension supports -Needs Server | Checked | Determines if a target server name is required when creating store -Blueprint Allowed | Unchecked | Determines if store type may be included in an Orchestrator blueprint -Uses PowerShell | Unchecked | Determines if underlying implementation is PowerShell -Requires Store Password|Unchecked |Determines if a store password is required when configuring an individual store. -Supports Entry Password|Unchecked |Determined if an individual entry within a store can have a password. +
-**Advanced Settings** +* **Using kfutil** + +
Create Certificate Stores with kfutil + + 1. **Generate a CSV template for the CitrixAdc certificate store** -CONFIG ELEMENT | VALUE | DESCRIPTION -------------------|------------------|---------------- -Store Path Type |Freeform |Determines what restrictions are applied to the store path field when configuring a new store. -Supports Custom Alias |Required |Determines if an individual entry within a store can have a custom Alias. -Private Keys |Required |This determines if Keyfactor can send the private key associated with a certificate to the store. This is required since Citrix ADC will need the private key material to establish TLS connections. -PFX Password Style |Default or Custom |This determines how the platform generate passwords to protect a PFX enrollment job that is delivered to the store. + ```shell + kfutil stores import generate-template --store-type-name CitrixAdc --outpath CitrixAdc.csv + ``` + 2. **Populate the generated CSV file** -**Custom Fields** + Open the CSV file, and reference the table below to populate parameters for each **Attribute**. + | Attribute | Description | + | --------- | ----------- | + | Category | Select "CitrixAdc" or the customized certificate store name from the previous step. | + | Container | Optional container to associate certificate store with. | + | Client Machine | The DNS or IP Address of the Citrix ADC Appliance. | + | Store Path | The path where certificate files are located on the Citrix ADC appliance. This value will likely be /nsconfig/ssl/ | + | Orchestrator | Select an approved orchestrator capable of managing `CitrixAdc` certificates. Specifically, one with the `CitrixAdc` capability. | + | linkToIssuer | Determines whether an attempt will be made to link the added certificate (via a Management-Add job) to its issuing CA certificate. | -Name|Display Name|Type|Default Value|Required|Description ----|---|---|---|---|--- -ServerUsername|Server Username|Secret||No|The username to log into the Server -ServerPassword|Server Password|Secret||No|The password that matches the username to log into the Server -ServerUseSsl|Use SSL|Bool|True|Yes|Determine whether the server uses SSL or not -linkToIssuer|Link To Issuer|Bool|False|False|Determines whether attempt will be made to link certificate added via a Management-Add job to its issuing CA certificate -**Entry Parameters** + -Name|Display Name|Type|Default Value|Required|Description ----|---|---|---|---|--- -virtualServerName|Virtual Server Name|String| |Leave All Unchecked|When Enrolling, this can be a single or comma separated list of VServers in NetScaler to replace.
**NOTE:** When adding multiple VServers, each certificate will contain the same alias name. -sniCert|SNI Cert|String|false + 3. **Import the CSV file to create the certificate stores** + ```shell + kfutil stores import csv --store-type-name CitrixAdc --file CitrixAdc.csv + ``` +
-
+> The content in this section can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). -
- Cert Store Setup -
-![](Images/CertStore.gif) -#### STORE CONFIG -CONFIG ELEMENT | DESCRIPTION -------------------|------------------ -Client Machine | This is the IP Address of the NetScaler Appliance. -Store Path| This is the path of the NetScaler Appliance. /nsconfig/ssl/. -User| This is the user that will be authenticated against the NetScaler Appliance -Password| This is the password that will be authenticated against the NetScaler Appliance -Use SSL| This should be set to True in Production when there is a valid certificate. -Inventory Schedule| Set this for the appropriate inventory interval needed. -
+## Notes and Limitations +* As of release 2.2.0, ONLY certificate objects (installed certificates) will be managed by the Citrix ADC Orchestrator Extension. Prior versions also managed certificate/key file combinations uploaded to the Citrix ADC device but not yet installed. This functionality has been removed due to issues attempting to match certificate and key files due to inconsistent file naming. +* Direct PFX Binding Inventory: In NetScaler you can directly Bind a Pfx file to a Virtual Server. Keyfactor cannot inventory these because it does not have access to the password. The recommended way to Import PFX Files in NetScaler is descibed in this [NetScaler Documentation](https://docs.netscaler.com/en-us/citrix-adc/12-1/ssl/ssl-certificates/export-existing-certs-keys.html#convert-ssl-certificates-for-import-or-export) -
- Test Cases -
+* Removing Certs from Store: As defined in Test Cases 5 and 13 below, certificates that are bound to a server will not be removed. This was done to limit the possibility of bringing production servers down. Users are currently required to manually unbind the certificate from the server first and then remove via the Command and this orchestrator extension. -Case Number|Case Name|Enrollment Params|Expected Results|Passed|Screenshot -----|------------------------|------------------------------------|--------------|----------------|------------------------- -1 |Add Unbound Cert|**Alias:** TC1.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Adds New Unbound Cert To Citrix ADC|True|![](Images/TC1.gif) -2 |Remove Unbound Cert|**Alias:** TC1.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Removes Unbound Cert From Citrix ADC|True|![](Images/TC2.gif) -3 |Add Bound Cert|**Alias:** TC3.boingy.com
**Virtual Server Name:** TestVServer
**Sni Cert:** false|Adds a new bound cert to TestVServer Virtual Server|True|![](Images/TC3.gif) -4 |Add Bound Cert Multiple VServers|**Alias:** TC4.boingy.com
**Virtual Server Name:** TestVServer,TestVServer2
**Sni Cert:** false,false|Adds New Bound Cert To Both Servers in Citrix|True|![](Images/TC4.gif) -5 |Remove Bound Cert|**Alias:** TC4.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Will Not Remove because it is bound. Must Unbind it First|True|![](Images/TC5.gif) -6 |Renew Bound Cert|**Alias:** TC4.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Renews Bound Cert on Both VServers|True|![](Images/TC6.gif) -7 |Replace Bound Cert No Overwrite |**Alias:** TC4.boingy.com
**Virtual Server Name:** TestVServer,TestVServer2
**Sni Cert:** false,false|Will Not replace, overwrite flag needed|True|![](Images/TC7.gif) -8 |Replace Bound Cert with Overwrite|**Alias:** 16934
**Virtual Server Name:**
**Sni Cert:** false|Will do the replace because overwrite was used|True|![](Images/TC8.gif) -9 |Add Sni Cert and Bind|**Alias:** TC9.boingy.com
**Virtual Server Name:** TestVServer
**Sni Cert:** false|Will bind an additional SNI Cert to a VServer|True|![](Images/TC9.gif) -10 |Renew bound Sni Cert|**Alias:** TC10.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Will Renew the Sni Cert Bound to the Site|True|![](Images/TC10.gif) -11 |Replace bound Sni Cert with Overwrite|**Alias:** TC9.boingy.com
**Virtual Server Name:** TestVServer
**Sni Cert:** true|Sni Cert Will Be Replaced and bound|True|![](Images/TC11.gif) -12 |Remove Bound Sni Cert|**Alias:** TC9.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Will Not Remove because it is bound. Must Unbind it First|True|![](Images/TC12.gif) -13 |Add Sni Cert To Multiple VServers and bind|**Alias:** TC13.boingy.com
**Virtual Server Name:** TestVServer,TestVServer2
**Sni Cert:** false,true|Adds and binds Cert to TestVServer and adds and binds Sni Cert to TestVServer2|True|![](Images/TC13.gif) -14 |Inventory |No Params|Will Perform Inventory and pull down all Certs Tied to VServers|True|![](Images/TC14.gif) -
+## License -When creating cert store type manually, that store property names and entry parameter names are case sensitive +Apache License 2.0, see [LICENSE](LICENSE). +## Related Integrations +See all [Keyfactor Universal Orchestrator extensions](https://github.com/orgs/Keyfactor/repositories?q=orchestrator). \ No newline at end of file diff --git a/docsource/citrixadc.md b/docsource/citrixadc.md new file mode 100644 index 0000000..ed37e8e --- /dev/null +++ b/docsource/citrixadc.md @@ -0,0 +1 @@ +## Overview diff --git a/docsource/content.md b/docsource/content.md new file mode 100644 index 0000000..f8702ae --- /dev/null +++ b/docsource/content.md @@ -0,0 +1,36 @@ +## Overview + +The Citrix ADC Orchestrator remotely manages certificate objects on a Citrix ADC device. Since the ADC supports services including: +Load Balancing, Authentication/Authorization/Auditing (AAA), and Gateways, this orchestrator can bind to any of these virtual servers when using unique virtual server names for each service. + +## Requirements + +The Citrix ADC user needs permission to perform the following API calls: + +API Endpoint|Methods +---|--- +/nitro/v1/config/login|post +/nitro/v1/config/lbvserver| get +/nitro/v1/config/sslcertkey| get, update, add, delete +/nitro/v1/config/sslcertkey_service_binding| get, update, add, delete +/nitro/v1/config/systemfile| get, add, delete + +Here is a sample policy with Min Permissions: +* Action: +Allow +* Command Spec: +(^stat\s+(cr|cs|lb|system|vpn))|(^(add|rm|show)\s+system\s+file\s+.*)|(^\S+\s+ssl\s+.*)|(^(show|stat|sync)\s+HA\s+.*)|(^save\s+ns\s+config)|(^(switch|show)\s+ns\s+partition.*) + +## Post Installation + +An optional config.json configuration file has been provided in the extensions folder with a single setting - AutoSaveConfig. Setting this value to "Y" means successful changes made by a management job will automatically be saved to disk; no interaction with the Citrix ADC UI is necessary. Setting this value to "N" (or if the config entry or config file is missing) will keep these changes in memory only. + +**NOTE:** Any changes in-process through the Citrix ADC UI will also be persisted to disk when a management job is performed and the AutoSaveConfig flag is set to 'Y'. + +## Notes and Limitations + +* As of release 2.2.0, ONLY certificate objects (installed certificates) will be managed by the Citrix ADC Orchestrator Extension. Prior versions also managed certificate/key file combinations uploaded to the Citrix ADC device but not yet installed. This functionality has been removed due to issues attempting to match certificate and key files due to inconsistent file naming. + +* Direct PFX Binding Inventory: In NetScaler you can directly Bind a Pfx file to a Virtual Server. Keyfactor cannot inventory these because it does not have access to the password. The recommended way to Import PFX Files in NetScaler is descibed in this [NetScaler Documentation](https://docs.netscaler.com/en-us/citrix-adc/12-1/ssl/ssl-certificates/export-existing-certs-keys.html#convert-ssl-certificates-for-import-or-export) + +* Removing Certs from Store: As defined in Test Cases 5 and 13 below, certificates that are bound to a server will not be removed. This was done to limit the possibility of bringing production servers down. Users are currently required to manually unbind the certificate from the server first and then remove via the Command and this orchestrator extension. diff --git a/docsource/images/CitrixAdc-advanced-store-type-dialog.png b/docsource/images/CitrixAdc-advanced-store-type-dialog.png new file mode 100644 index 0000000..2b71e8c Binary files /dev/null and b/docsource/images/CitrixAdc-advanced-store-type-dialog.png differ diff --git a/docsource/images/CitrixAdc-basic-store-type-dialog.png b/docsource/images/CitrixAdc-basic-store-type-dialog.png new file mode 100644 index 0000000..e1bd8a5 Binary files /dev/null and b/docsource/images/CitrixAdc-basic-store-type-dialog.png differ diff --git a/docsource/images/CitrixAdc-custom-fields-store-type-dialog.png b/docsource/images/CitrixAdc-custom-fields-store-type-dialog.png new file mode 100644 index 0000000..02e2062 Binary files /dev/null and b/docsource/images/CitrixAdc-custom-fields-store-type-dialog.png differ diff --git a/docsource/images/CitrixAdc-entry-parameters-store-type-dialog.png b/docsource/images/CitrixAdc-entry-parameters-store-type-dialog.png new file mode 100644 index 0000000..e8e9f64 Binary files /dev/null and b/docsource/images/CitrixAdc-entry-parameters-store-type-dialog.png differ diff --git a/integration-manifest.json b/integration-manifest.json index 020ecd5..ff0dd3e 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -1,125 +1,82 @@ { - "$schema": "https://keyfactor.github.io/integration-manifest-schema.json", - "integration_type": "orchestrator", - "name": "Citrix Netscaler Universal Orchestrator", - "status": "production", - "link_github": true, - "update_catalog": true, - "support_level": "kf-supported", - "release_dir": "CitrixAdcOrchestratorJobExtension/bin/Release/netcoreapp3.1", - "description": "Orchestrator to manage certificates and keys on one to many VServers in Netscaler. The integration supports Enrollment, Renewal, Inventory and Remove from Store.", - "about": { - "orchestrator": { - "UOFramework": "10.1", - "pam_support": true, - "keyfactor_platform_version": "9.10", - "win": { - "supportsCreateStore": false, - "supportsDiscovery": false, - "supportsManagementAdd": true, - "supportsManagementRemove": true, - "supportsReenrollment": false, - "supportsInventory": true, - "platformSupport": "Unused" - }, - "linux": { - "supportsCreateStore": false, - "supportsDiscovery": false, - "supportsManagementAdd": true, - "supportsManagementRemove": true, - "supportsReenrollment": false, - "supportsInventory": true, - "platformSupport": "Unused" - }, - "store_types": { - "CitrixAdc": { - "Name": "CitrixAdc", - "ShortName": "CitrixAdc", - "Capability": "CitrixAdc", - "LocalStore": false, - "SupportedOperations": { - "Add": true, - "Create": false, - "Discovery": false, - "Enrollment": false, - "Remove": true - }, - "Properties": [ - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": null, - "DefaultValue": "true", - "Required": true - }, - { - "Name": "linkToIssuer", - "DisplayName": "Link To Issuer", - "Type": "Bool", - "DependsOn": null, - "DefaultValue": "false", - "Required": false - } - ], - "EntryParameters": [ - { - "Name": "virtualServerName", - "DisplayName": "Virtual Server Name", - "Type": "String", - "RequiredWhen": { - "HasPrivateKey": false, - "OnAdd": false, - "OnRemove": false, - "OnReenrollment": false - } - }, - { - "Name": "sniCert", - "DisplayName": "SNI Cert", - "Type": "String", - "RequiredWhen": { - "HasPrivateKey": false, - "OnAdd": true, - "OnRemove": false, - "OnReenrollment": false - }, - "DefaultValue": "FALSE" - } - ], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Required", - "JobProperties": [ - "virtualServerName", - "sniCert" - ], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Required", - "InventoryEndpoint": "/AnyInventory/Update" + "$schema": "https://keyfactor.github.io/v2/integration-manifest-schema.json", + "integration_type": "orchestrator", + "name": "Citrix Netscaler Universal Orchestrator", + "status": "production", + "link_github": true, + "update_catalog": true, + "support_level": "kf-supported", + "release_dir": "CitrixAdcOrchestratorJobExtension/bin/Release", + "release_project": "CitrixAdcOrchestratorJobExtension/Keyfactor.Extensions.Orchestrator.CitricAdc.csproj", + "description": "Orchestrator to manage certificates and keys on one to many VServers in Netscaler. The integration supports Enrollment, Renewal, Inventory and Remove from Store.", + "about": { + "orchestrator": { + "UOFramework": "10.4", + "pam_support": true, + "keyfactor_platform_version": "10.4", + "store_types": [ + { + "Name": "CitrixAdc", + "ShortName": "CitrixAdc", + "Capability": "CitrixAdc", + "ServerRequired": true, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "PowerShell": false, + "PrivateKeyAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "Properties": [ + { + "Name": "linkToIssuer", + "DisplayName": "Link To Issuer", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false, + "Description": "Determines whether an attempt will be made to link the added certificate (via a Management-Add job) to its issuing CA certificate." + } + ], + "EntryParameters": [ + { + "Name": "virtualServerName", + "DisplayName": "Virtual Server Name", + "Type": "String", + "Description": "When adding a certificate, this can be a single VServer name or a comma separated list of VServers to bind to Note: must match the number of Virtual SNI Cert values.", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + } + }, + { + "Name": "sniCert", + "DisplayName": "SNI Cert", + "Type": "String", + "Description": "When adding a certificate, this can be a single boolean value (true/false) or a comma separated list of boolean values to determine whether the binding should use server name indication. Note: must match the number of Virtual Server Name values.", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + } + } + ], + "ClientMachineDescription": "The DNS or IP Address of the Citrix ADC Appliance.", + "StorePathDescription": "The path where certificate files are located on the Citrix ADC appliance. This value will likely be /nsconfig/ssl/" + } + ] } - } } - } -} +} \ No newline at end of file diff --git a/readme-src/readme-pam-support.md b/readme-src/readme-pam-support.md deleted file mode 100644 index c70fd74..0000000 --- a/readme-src/readme-pam-support.md +++ /dev/null @@ -1,5 +0,0 @@ -|Name|Description| -|----|-----------| -|ServerUsername|The user id that will be used to authenticate into the server hosting the store| -|ServerPassword|The password that will be used to authenticate into the server hosting the store| -|StorePassword|The optional password used to secure the certificate store being managed| diff --git a/readme_source.md b/readme_source.md deleted file mode 100644 index a184e7a..0000000 --- a/readme_source.md +++ /dev/null @@ -1,149 +0,0 @@ -# Citrix ADC Orchestrator Configuration -## Overview - -The Citrix ADC Orchestrator remotely manages certificates on the NetScaler device. Since the ADC supports services including: -Load Balancing, Authentication/Authorization/Auditing (AAA), and Gateways, this orchestrator can bind to any of these virtual servers when using unique virtual server names for each service. - -### Permissions - -The NetScaler user needs permission to perform the following API calls: - -API Endpoint|Methods ----|--- -/nitro/v1/config/login|post -/nitro/v1/config/lbvserver| get -/nitro/v1/config/sslcertkey| get, update, add, delete -/nitro/v1/config/sslcertkey_service_binding| get, update, add, delete -/nitro/v1/config/systemfile| get, add, delete - -Here is a sample policy with Min Permissions: -* Action: -Allow -* Command Spec: -(^stat\s+(cr|cs|lb|system|vpn))|(^(add|rm|show)\s+system\s+file\s+.*)|(^\S+\s+ssl\s+.*)|(^(show|stat|sync)\s+HA\s+.*)|(^save\s+ns\s+config)|(^(switch|show)\s+ns\s+partition.*) - - -### Upgrade Procedures - -* Upgrade From v1.0.2 to v2.0.0 - * In the Keyfactor Command Database, run the following SQL Script to update the store types and store information [Upgrade Script](https://github.com/Keyfactor/citrix-adc-orchestrator/blob/snipamupdates/UpgradeScript.sql) - -### Below are specific notes and limitations - -* Direct PFX Binding Inventory - * In NetScaler you can directly Bind a Pfx file to a Virtual Server. Keyfactor cannot inventory these because it does not have access to the password. The recommended way to Import PFX Files in NetScaler is descibed in this [NetScaler Documentation](https://docs.netscaler.com/en-us/citrix-adc/12-1/ssl/ssl-certificates/export-existing-certs-keys.html#convert-ssl-certificates-for-import-or-export) - -* Specifiy Multiple VServers and Sni Flags - * When Binding to Multiple VServers and using Multiple SniFlags, you must use a comma separated list of values as described in Test Case 13 in the Test Cases Section. This will change in future version, so each binding is a store in Keyfactor. - -* Down Time When Replacing Certs - * The orchestrator uses [NetScaler recommended methods](https://docs.netscaler.com/en-us/citrix-adc/12-1/ssl/ssl-certificates/add-group-certs.html) to replace bound certs which creates a sub second blip of downtime. There is currently no way around this if you want readable keypair names. - -* Removing Certs from Store - * As defined in Test Cases 5 and 13 below, certificates that are bound to a server will not be removed. This was done to limit the possibility of bringing production servers down. Users are currently required to manually unbind the certificate from the server and then remove the cert using Command. This requirement may change in a future version. - -* Renewals - * The renewal process will find the thumbprint of the cert on all VServers and renew them in all places. See test cases #6 and #10 in the Test Cases section. - -* AutoSave Config - * A new config.json file in the extension folder contains the 'AutoSaveConfig' flag with a default value of 'N'. When this flag is set to 'Y', successful configuration changes made by a management job will be automatically saved to disk; no interaction with the Citrix ADC UI is necessary. - - **NOTE:** Any changes in-process through the Citrix ADC UI will also be persisted to disk when a management job is performed and the AutoSaveConfig flag is set to 'Y'. - -* Support for Virtual Authentication Servers & Gateways - * When performing management operations to either of services, Users may enter the specific VServer name to complete the operation. - - **NOTE:** If multiple VServers share the same Alias, all VServers that share that alias will be updated. - -* Supports optional linking of added certificates to issuing CA certificate if issuing CA is already installed in the managed Netscaler instance. - -
- Cert Store Type Settings -
- -![](Images/CertStoreTypeSettings.gif) - -**Basic Settings** - -CONFIG ELEMENT | VALUE | DESCRIPTION -------------------|------------------|---------------- -Name |Citrix ADC |A descriptive name for the extension. Example: CitrixAdc -Short Name|CitrixADC|The short name that identifies the registered functionality of the orchestrator. Must be CitrixAdc. -Custom Capability|Unchecked|Store type name orchestrator will register with. -Supported Job Types|Inventory, Add, Remove |Job types this extension supports -Needs Server | Checked | Determines if a target server name is required when creating store -Blueprint Allowed | Unchecked | Determines if store type may be included in an Orchestrator blueprint -Uses PowerShell | Unchecked | Determines if underlying implementation is PowerShell -Requires Store Password|Unchecked |Determines if a store password is required when configuring an individual store. -Supports Entry Password|Unchecked |Determined if an individual entry within a store can have a password. - -**Advanced Settings** - -CONFIG ELEMENT | VALUE | DESCRIPTION -------------------|------------------|---------------- -Store Path Type |Freeform |Determines what restrictions are applied to the store path field when configuring a new store. -Supports Custom Alias |Required |Determines if an individual entry within a store can have a custom Alias. -Private Keys |Required |This determines if Keyfactor can send the private key associated with a certificate to the store. This is required since Citrix ADC will need the private key material to establish TLS connections. -PFX Password Style |Default or Custom |This determines how the platform generate passwords to protect a PFX enrollment job that is delivered to the store. - -**Custom Fields** - -Name|Display Name|Type|Default Value|Required|Description ----|---|---|---|---|--- -ServerUsername|Server Username|Secret||No|The username to log into the Server -ServerPassword|Server Password|Secret||No|The password that matches the username to log into the Server -ServerUseSsl|Use SSL|Bool|True|Yes|Determine whether the server uses SSL or not -linkToIssuer|Link To Issuer|Bool|False|False|Determines whether attempt will be made to link certificate added via a Management-Add job to its issuing CA certificate - -**Entry Parameters** - -Name|Display Name|Type|Default Value|Required|Description ----|---|---|---|---|--- -virtualServerName|Virtual Server Name|String| |Leave All Unchecked|When Enrolling, this can be a single or comma separated list of VServers in NetScaler to replace.
**NOTE:** When adding multiple VServers, each certificate will contain the same alias name. -sniCert|SNI Cert|String|false - - -
- -
- Cert Store Setup -
- -![](Images/CertStore.gif) - -#### STORE CONFIG -CONFIG ELEMENT | DESCRIPTION -------------------|------------------ -Client Machine | This is the IP Address of the NetScaler Appliance. -Store Path| This is the path of the NetScaler Appliance. /nsconfig/ssl/. -User| This is the user that will be authenticated against the NetScaler Appliance -Password| This is the password that will be authenticated against the NetScaler Appliance -Use SSL| This should be set to True in Production when there is a valid certificate. -Inventory Schedule| Set this for the appropriate inventory interval needed. - -
- - - -
- Test Cases -
- -Case Number|Case Name|Enrollment Params|Expected Results|Passed|Screenshot -----|------------------------|------------------------------------|--------------|----------------|------------------------- -1 |Add Unbound Cert|**Alias:** TC1.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Adds New Unbound Cert To Citrix ADC|True|![](Images/TC1.gif) -2 |Remove Unbound Cert|**Alias:** TC1.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Removes Unbound Cert From Citrix ADC|True|![](Images/TC2.gif) -3 |Add Bound Cert|**Alias:** TC3.boingy.com
**Virtual Server Name:** TestVServer
**Sni Cert:** false|Adds a new bound cert to TestVServer Virtual Server|True|![](Images/TC3.gif) -4 |Add Bound Cert Multiple VServers|**Alias:** TC4.boingy.com
**Virtual Server Name:** TestVServer,TestVServer2
**Sni Cert:** false,false|Adds New Bound Cert To Both Servers in Citrix|True|![](Images/TC4.gif) -5 |Remove Bound Cert|**Alias:** TC4.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Will Not Remove because it is bound. Must Unbind it First|True|![](Images/TC5.gif) -6 |Renew Bound Cert|**Alias:** TC4.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Renews Bound Cert on Both VServers|True|![](Images/TC6.gif) -7 |Replace Bound Cert No Overwrite |**Alias:** TC4.boingy.com
**Virtual Server Name:** TestVServer,TestVServer2
**Sni Cert:** false,false|Will Not replace, overwrite flag needed|True|![](Images/TC7.gif) -8 |Replace Bound Cert with Overwrite|**Alias:** 16934
**Virtual Server Name:**
**Sni Cert:** false|Will do the replace because overwrite was used|True|![](Images/TC8.gif) -9 |Add Sni Cert and Bind|**Alias:** TC9.boingy.com
**Virtual Server Name:** TestVServer
**Sni Cert:** false|Will bind an additional SNI Cert to a VServer|True|![](Images/TC9.gif) -10 |Renew bound Sni Cert|**Alias:** TC10.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Will Renew the Sni Cert Bound to the Site|True|![](Images/TC10.gif) -11 |Replace bound Sni Cert with Overwrite|**Alias:** TC9.boingy.com
**Virtual Server Name:** TestVServer
**Sni Cert:** true|Sni Cert Will Be Replaced and bound|True|![](Images/TC11.gif) -12 |Remove Bound Sni Cert|**Alias:** TC9.boingy.com
**Virtual Server Name:**
**Sni Cert:** false|Will Not Remove because it is bound. Must Unbind it First|True|![](Images/TC12.gif) -13 |Add Sni Cert To Multiple VServers and bind|**Alias:** TC13.boingy.com
**Virtual Server Name:** TestVServer,TestVServer2
**Sni Cert:** false,true|Adds and binds Cert to TestVServer and adds and binds Sni Cert to TestVServer2|True|![](Images/TC13.gif) -14 |Inventory |No Params|Will Perform Inventory and pull down all Certs Tied to VServers|True|![](Images/TC14.gif) - -