You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
_logger.LogError($"Unable to parse enum value for product parameter: {parameter} - valid values are: {string.Join(", ",Enum.GetNames(fieldInfo.FieldType))}");
196
+
thrownewArgumentException($"Unable to parse enum value for product parameter: {parameter} - valid values are: {string.Join(", ",Enum.GetNames(fieldInfo.FieldType))}");
197
+
}
198
+
}
183
199
elseif(fieldInfo==null)
184
200
{
185
-
_logger.LogError($"Failed to find property for product parameter: {parameter}");
186
-
thrownewArgumentException($"Failed to find property for product parameter: {parameter}");
201
+
_logger.LogError($"Failed to find field for product parameter: {parameter}");
202
+
thrownewArgumentException($"Failed to find field for product parameter: {parameter}");
187
203
}
188
204
else
189
205
{
190
-
_logger.LogError($"Invalid property type for product parameter: {parameter}");
191
-
thrownewArgumentException($"Invalid property type for product parameter: {parameter}");
206
+
_logger.LogError($"Invalid field type for product parameter: {parameter}");
207
+
thrownewArgumentException($"Invalid field type for product parameter: {parameter}");
Comments="The certificate's root CA - Depending on certificate expiration date, SHA_1 not be allowed. Will default to SHA_2 if expiration date exceeds sha1 allowed date. Options are GODADDY_SHA_1, GODADDY_SHA_2, STARFIELD_SHA_1, or STARFIELD_SHA_2.",
Copy file name to clipboardExpand all lines: README.md
+101-6Lines changed: 101 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
<h1align="center"style="border-bottom: none">
2
-
GoDaddy
2
+
GoDaddy AnyCA Gateway Plugin
3
3
</h1>
4
4
5
5
<palign="center">
@@ -16,6 +16,10 @@
16
16
<b>Support</b>
17
17
</a>
18
18
·
19
+
<ahref="#installation">
20
+
<b>Installation</b>
21
+
</a>
22
+
·
19
23
<ahref="#license">
20
24
<b>License</b>
21
25
</a>
@@ -26,7 +30,7 @@
26
30
</p>
27
31
28
32
29
-
The GoDaddy AnyCA REST plugin extends the capabilities of the [GoDaddy Certificate Authority (CA)](https://www.godaddy.com/web-security/ssl-certificate) to Keyfactor Command via the Keyfactor AnyCA REST Gateway. The plugin represents a fully featured AnyCA REST Plugin with the following capabilies:
33
+
The GoDaddy AnyCA REST plugin extends the capabilities of the [GoDaddy Certificate Authority (CA)](https://www.godaddy.com/web-security/ssl-certificate) to Keyfactor Command via the Keyfactor . The plugin represents a fully featured AnyCA REST Plugin with the following capabilies:
30
34
* CA Sync:
31
35
* Download all certificates issued to the customer by the GoDaddy CA.
32
36
* Certificate enrollment for all published GoDaddy Certificate SKUs:
@@ -40,17 +44,18 @@ The GoDaddy AnyCA REST plugin extends the capabilities of the [GoDaddy Certifica
40
44
41
45
## Compatibility
42
46
43
-
The GoDaddy AnyCA REST plugin is compatible with the Keyfactor AnyCA REST Gateway 24.2 and later.
47
+
The GoDaddy AnyCA Gateway plugin is compatible with the Keyfactor AnyCA Gateway REST 24.2 and later.
44
48
45
49
## Support
46
-
The GoDaddy AnyCA REST plugin is open source and community supported, meaning that there is **no SLA** applicable.
50
+
The GoDaddy AnyCA Gateway plugin is open source and community supported, meaning that there is **no SLA** applicable.
47
51
48
52
> To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.
49
53
50
54
## Requirements
55
+
51
56
1.**GoDaddy Account**
52
57
53
-
To use the GoDaddy AnyCA REST plugin, a production GoDaddy account must be created and fully configured. To create a new account, follow [GoDaddy's official documentation](https://www.godaddy.com/help/create-a-godaddy-account-16618). Make sure that your [account Profile is fully configured](https://www.godaddy.com/help/update-my-godaddy-account-profile-27250) with at least the following fields:
58
+
To use the GoDaddy AnyCA REST plugin, a production GoDaddy account must be created and configured fully. To create a new account, follow [GoDaddy's official documentation](https://www.godaddy.com/help/create-a-godaddy-account-16618). Make sure that your [account Profile is configured fully](https://www.godaddy.com/help/update-my-godaddy-account-profile-27250) with at least the following fields:
54
59
* Full Name
55
60
* Address
56
61
* Organization
@@ -65,7 +70,7 @@ The GoDaddy AnyCA REST plugin is open source and community supported, meaning th
65
70
66
71
3.**GoDaddy API Key**
67
72
68
-
The GoDaddy AnyCA REST plugin uses the [GoDaddy API](https://developer.godaddy.com/doc/endpoint/certificates) to perform all certificate operations. GoDaddy offers an environment for testing (OTE) and an environment for production use (Production). To configure the plugin, follow the [official GoDaddy documentation](https://developer.godaddy.com/getstarted) to create a [production API key](https://developer.godaddy.com/keys). To configure the AnyCA REST Gateway, you'll need the following parameters handy:
73
+
The GoDaddy AnyCA REST plugin uses the [GoDaddy API](https://developer.godaddy.com/doc/endpoint/certificates) to perform all certificate operations. GoDaddy offers an environment for testing (OTE) and an environment for production use (Production). To configure the plugin, follow the [official GoDaddy documentation](https://developer.godaddy.com/getstarted) to create a [production API key](https://developer.godaddy.com/keys). To configure the , you'll need the following parameters handy:
69
74
70
75
* API URL (https://api.godaddy.com or https://api.ote-godaddy.com)
71
76
* API Key
@@ -79,7 +84,97 @@ The GoDaddy AnyCA REST plugin is open source and community supported, meaning th
79
84
80
85
## Installation
81
86
87
+
1. Install the AnyCA Gateway REST per the [official Keyfactor documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/InstallIntroduction.htm).
88
+
89
+
2. On the server hosting the AnyCA Gateway REST, download and unzip the latest [GoDaddy AnyCA Gateway REST plugin](https://github.com/Keyfactor/godaddy-anycagateway/releases/latest) from GitHub.
90
+
91
+
3. Copy the unzipped directory (usually called `net6.0`) to the Extensions directory:
92
+
93
+
```shell
94
+
Program Files\Keyfactor\AnyCA Gateway\AnyGatewayREST\net6.0\Extensions
95
+
```
96
+
97
+
> The directory containing the GoDaddy AnyCA Gateway REST plugin DLLs (`net6.0`) can be named anything, as long as it is unique within the `Extensions` directory.
98
+
99
+
4. Restart the AnyCA Gateway REST service.
100
+
101
+
5. Navigate to the AnyCA Gateway REST portal and verify that the Gateway recognizes the GoDaddy plugin by hovering over the ⓘ symbol to the right of the Gateway on the top left of the portal.
102
+
103
+
## Configuration
104
+
105
+
1. Follow the [official AnyCA Gateway REST documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Gateway.htm) to define a new Certificate Authority, and use the notes below to configure the **Gateway Registration** and **CA Connection** tabs:
106
+
107
+
***Gateway Registration**
108
+
109
+
110
+
GoDaddy has four available Certificate Authorities:
Each defined Certificate Authority in the AnyCA REST can support one certificate authority. Since GoDaddy has four available Certificate Authorities, if you require certificate enrollment from multiple GoDaddy Certificate Authorities, you must define multiple Certificate Authorities in the AnyCA Gateway REST. This will manifest in Command as one GoDaddy CA per defined Certificate Authority.
126
+
127
+
128
+
129
+
***CA Connection**
130
+
131
+
Populate using the configuration fields collected in the [requirements](#requirements) section.
132
+
133
+
134
+
135
+
***ApiKey** - The API Key for the GoDaddy API
136
+
***ApiSecret** - The API Secret for the GoDaddy API
137
+
***BaseUrl** - The Base URL for the GoDaddy API - Usually either https://api.godaddy.com or https://api.ote-godaddy.com
138
+
***ShopperId** - The Shopper ID of the GoDaddy account to use for the API calls (ex: 1234567890) - has a max length of 10 digits
139
+
***Enabled** - Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available.
140
+
141
+
2. Define [Certificate Profiles](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCP-Gateway.htm) and [Certificate Templates](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Gateway.htm) for the Certificate Authority as required. One Certificate Profile must be defined per Certificate Template. It's recommended that each Certificate Profile be named after the Product ID. The GoDaddy plugin supports the following product IDs:
142
+
143
+
144
+
145
+
* **DV_SSL**
146
+
* **DV_WILDCARD_SSL**
147
+
* **EV_SSL**
148
+
* **OV_CS**
149
+
* **OV_DS**
150
+
* **OV_SSL**
151
+
* **OV_WILDCARD_SSL**
152
+
* **UCC_DV_SSL**
153
+
* **UCC_EV_SSL**
154
+
* **UCC_OV_SSL**
155
+
156
+
3. Follow the [official Keyfactor documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Keyfactor.htm) to add each defined Certificate Authority to Keyfactor Command and import the newly defined Certificate Templates.
157
+
158
+
4. In Keyfactor Command, for each imported Certificate Template, follow the [official documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Configuring%20Template%20Options.htm) to define enrollment fields for each of the following parameters:
159
+
160
+
82
161
162
+
* **JobTitle** - The job title of the certificate requestor
163
+
* **CertificateValidityInYears** - Number of years the certificate will be valid for
164
+
* **LastName** - Last name of the certificate requestor
165
+
* **FirstName** - First name of the certificate requestor
166
+
* **Email** - Email address of the requestor
167
+
* **Phone** - Phone number of the requestor
168
+
* **SlotSize** - Maximum number of SANs that a certificate may have - valid values are [FIVE, TEN, FIFTEEN, TWENTY, THIRTY, FOURTY, FIFTY, ONE_HUNDRED]
169
+
* **OrganizationName** - Name of the organization to be validated against
170
+
* **OrganizationAddress** - Address of the organization to be validated against
171
+
* **OrganizationCity** - City of the organization to be validated against
172
+
* **OrganizationState** - Full state name of the organization to be validated against
173
+
* **OrganizationCountry** - 2 character abbreviation of the country of the organization to be validated against
174
+
* **OrganizationPhone** - Phone number of the organization to be validated against
175
+
* **RegistrationAgent** - Registration agent name assigned to the organization when its documents were filed for registration
176
+
* **RegistrationNumber** - Registration number assigned to the organization when its documents were filed for registration
177
+
* **RootCAType** - The certificate's root CA - Depending on certificate expiration date, SHA_1 not be allowed. Will default to SHA_2 if expiration date exceeds sha1 allowed date. Options are GODADDY_SHA_1, GODADDY_SHA_2, STARFIELD_SHA_1, or STARFIELD_SHA_2.
0 commit comments