From 822a87982e47320a606956ac8f6b74e6d1062f4d Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Thu, 12 Dec 2024 09:34:54 -0500 Subject: [PATCH 01/18] changed target frameworks and removed logging items --- DataPower/DataPower.csproj | 5 +++-- DataPower/Jobs/Inventory.cs | 1 - DataPower/Jobs/Management.cs | 1 - 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/DataPower/DataPower.csproj b/DataPower/DataPower.csproj index b33a611..61cd49d 100644 --- a/DataPower/DataPower.csproj +++ b/DataPower/DataPower.csproj @@ -1,9 +1,10 @@  - netcoreapp3.1 - Keyfactor.Extensions.Orchestrator.DataPower + true + net6.0;net8.0 true + disable diff --git a/DataPower/Jobs/Inventory.cs b/DataPower/Jobs/Inventory.cs index 2af3200..9a06d61 100644 --- a/DataPower/Jobs/Inventory.cs +++ b/DataPower/Jobs/Inventory.cs @@ -74,7 +74,6 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven _protocol = ci.Protocol; _logger.LogTrace( $"Certificate Config Domain: {ci.Domain} and Certificate Store: {ci.CertificateStore}"); - _logger.LogTrace($"Any Job Config {JsonConvert.SerializeObject(config)}"); _logger.LogTrace("Entering IBM DataPower: Certificate Inventory"); _logger.LogTrace( $"Entering processJob for Domain: {ci.Domain} and Certificate Store: {ci.CertificateStore}"); diff --git a/DataPower/Jobs/Management.cs b/DataPower/Jobs/Management.cs index a870902..a535f00 100644 --- a/DataPower/Jobs/Management.cs +++ b/DataPower/Jobs/Management.cs @@ -43,7 +43,6 @@ public JobResult ProcessJob(ManagementJobConfiguration config) try { _logger.MethodEntry(LogLevel.Debug); - _logger.LogTrace($"Any Job Config {JsonConvert.SerializeObject(config)}"); var ci = Utility.ParseCertificateConfig(config); var np = Utility.ParseStoreProperties(config); From db0728304db6a1574d242923a012062386f64004 Mon Sep 17 00:00:00 2001 
From: Brian Hill Date: Thu, 12 Dec 2024 13:01:23 -0500 Subject: [PATCH 02/18] Workflow Update --- .../workflows/keyfactor-starter-workflow.yml | 56 ++++++------------- 1 file changed, 17 insertions(+), 39 deletions(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index 21c92e2..a4649f2 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml 
@@ -1,42 +1,20 @@ -name: Starter Workflow -on: [workflow_dispatch, push, pull_request] +name: Keyfactor Bootstrap Workflow -jobs: - call-create-github-release-workflow: - uses: Keyfactor/actions/.github/workflows/github-release.yml@main - - get-manifest-properties: - runs-on: windows-latest - outputs: - update_catalog: ${{ steps.read-json.outputs.prop }} - steps: - - uses: actions/checkout@v3 - - name: Read json - id: read-json - shell: pwsh - run: | - $json = Get-Content integration-manifest.json | ConvertFrom-Json - echo "::set-output name=prop::$(echo $json.update_catalog)" - - call-dotnet-build-and-release-workflow: - needs: [call-create-github-release-workflow] - uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main - with: - release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} - release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} - release_dir: DataPower/bin/Debug # TODO: set build output directory to upload as a release, relative to checkout workspace - secrets: - token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} +on: + workflow_dispatch: + pull_request: + types: [opened, closed, synchronize, edited, reopened] + push: + create: + branches: + - 'release-*.*' - call-generate-readme-workflow: - if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' - uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main +jobs: + call-starter-workflow: + uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2 secrets: - token: ${{ secrets.APPROVE_README_PUSH }} - - call-update-catalog-workflow: - needs: get-manifest-properties - if: needs.get-manifest-properties.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') - uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main - secrets: - token: ${{ secrets.SDK_SYNC_PAT }} \ No newline at end of file + token: ${{ secrets.V2BUILDTOKEN}} + 
APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}} + gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }} + gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }} + scan_token: ${{ secrets.SAST_TOKEN }} From 9a293b610fe8fe16f9310504e7279edf4c26717c Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Thu, 12 Dec 2024 13:42:30 -0500 Subject: [PATCH 03/18] Workflow Update --- integration-manifest.json | 113 +++++++++++++++++++++++++++++++++++++- 1 file changed, 111 insertions(+), 2 deletions(-) diff --git a/integration-manifest.json b/integration-manifest.json index 5ebafdf..8907875 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -3,13 +3,20 @@ "integration_type": "orchestrator", "name": "DataPower Orchestrator", "status": "production", + "update_catalog": true, + "link_github": true, + "support_level": "kf-supported", + "release_project": "DataPower/DataPower.csproj", + "release_dir": "DataPower/bin/Release", "description": "The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\\directory combination. ", "link_github": false, "update_catalog": false, "about": { "orchestrator": { - "UOFramework": "10.1", + "UOFramework": "10.4", + "keyfactor_platform_version": "10.4", "pam_support": true, + "keyfactor_platform_version": "10.4", "win": { "supportsCreateStore": false, "supportsDiscovery": false, 
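Review bot: The reusable workflow is referenced by a movable tag, `keyfactor/actions/.github/workflows/starter.yml@3.1.2`, while the same job hands it `KF_GPG_PRIVATE_KEY`, `KF_GPG_PASSPHRASE`, `V2BUILDTOKEN` and `SAST_TOKEN`, so whoever can retag that repository controls the code that sees the signing key. Pin the reference to the release's full commit SHA and keep the version as a comment: `uses: keyfactor/actions/.github/workflows/starter.yml@<full-commit-sha> # 3.1.2`. The file also has no top-level `permissions:` block, so the GITHUB_TOKEN scope falls back to the repository default; declaring the minimum the starter workflow needs would make it explicit. The `branches:` filter under `create:` should be verified, because GitHub documents branch filters for `push` and `pull_request`, not `create`, and `push:` is left unfiltered here.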
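Review bot: The keys added in this hunk duplicate keys the object already has. `"update_catalog": true` and `"link_github": true` are added above the existing context lines `"link_github": false` and `"update_catalog": false`, and `"keyfactor_platform_version": "10.4"` is added twice inside `orchestrator`. Most JSON parsers keep the last occurrence, so both flags would probably still read as false, and the outcome depends on the parser the catalog tooling uses. Remove the old `false` pair and one of the two `keyfactor_platform_version` lines so each key appears once.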
@@ -27,7 +34,109 @@ "supportsReenrollment": false, "supportsInventory": true, "platformSupport": "Unused" - } + }, + "store_types": [ + { + "Name": "FortiWeb", + "ShortName": "FortiWeb", + "Capability": "FortiWeb", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": false + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "Api UserName for DataPower. (or valid PAM key if the username is stored in a KF Command configured PAM integration)." + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "A password for DataPower API access. Used for inventory.(or valid PAM key if the password is stored in a KF Command configured PAM integration)." + }, + { + "Name": "ServerUseSsl", + "DisplayName": "Use SSL", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "true", + "Required": true, + "Description": "Should be true, http is not supported." + }, + { + "Name": "InventoryBlackList", + "DisplayName": "Inventory Black List", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "Comma seperated list of alias values you do not want to inventory from DataPower." + }, + { + "Name": "Protocol", + "DisplayName": "Protocol Name", + "Type": "String", + "DependsOn": "", + "DefaultValue": "https", + "Required": true, + "IsPAMEligible": false, + "Description": "Comma seperated list of alias values you do not want to inventory from DataPower." 
+ }, + { + "Name": "PublicCertStoreName", + "DisplayName": "Public Cert Store Name", + "Type": "String", + "DependsOn": "", + "DefaultValue": "pubcert", + "Required": true, + "IsPAMEligible": false, + "Description": "This probably will remain pubcert unless someone changed the default name in DataPower." + }, + { + "Name": "InventoryPageSize", + "DisplayName": "Inventory Page Size", + "Type": "String", + "DependsOn": "", + "DefaultValue": "100", + "Required": true, + "IsPAMEligible": false, + "Description": "This determines the page size during the inventory calls. (100 should be fine)." + } + ], + "EntryParameters": [], + "ClientMachineDescription": "The Client Machine field should contain the IP or Domain name and Port Needed for REST API Access. For SSH Access, Port 22 will be used.", + "StorePathDescription": "The Store Path field should always be / unless we later determine there are alternate locations needed.", + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Optional", + "JobProperties": [ + + ], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" + } + ] } } } From 64aaa0c9b48c0e46718d200dfde4478b91351e9e Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Thu, 12 Dec 2024 18:43:25 +0000 Subject: [PATCH 04/18] Update generated docs --- README.md | 307 +++++++++++++++++++++++------------------- docsource/content.md | 16 +++ docsource/fortiweb.md | 20 +++ 3 files changed, 205 insertions(+), 138 deletions(-) create mode 100644 docsource/content.md create mode 100644 docsource/fortiweb.md diff --git a/README.md b/README.md index 42037ab..fa56101 100644 --- a/README.md +++ b/README.md @@ -1,191 +1,222 @@ -# DataPower Orchestrator +
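Review bot: The new `store_types` entry is named `FortiWeb` in `Name`, `ShortName` and `Capability`, although the manifest's `name` is "DataPower Orchestrator" and the README text removed later in this series says the short name must be DataPower; it looks copied from another integration and should be confirmed against the capability the extension registers. `SupportedOperations` sets `"Remove": false` while the manifest description says Remove is supported. The `Protocol` property carries the `InventoryBlackList` description; since `ServerUsername` and `ServerPassword` travel over that connection, it would be better as `"Description": "Protocol used to reach the DataPower API; keep https so credentials are not sent in clear text."`. `ServerUseSsl` is the only property without `IsPAMEligible`, and `ClientMachineDescription` mentions SSH on port 22, which nothing else in this manifest refers to.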

+ DataPower Universal Orchestrator Extension +

-The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. +

+ +Integration Status: production +Release +Issues +GitHub Downloads (all assets, all releases) +

-#### Integration status: Production - Ready for use in production environments. +

+ + + Support + + · + + Installation + + · + + License + + · + + Related Integrations + +

-## About the Keyfactor Universal Orchestrator Extension +## Overview -This repository contains a Universal Orchestrator Extension which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications. +TODO Overview is a required section -The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Extensions, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Extension see below in this readme. -The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator. +### FortiWeb +TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info +TODO Overview is a required section ---- +## Compatibility +This integration is compatible with Keyfactor Universal Orchestrator version 10.4 and later. +## Support +The DataPower Universal Orchestrator extension is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket with your Keyfactor representative. If you have a support issue, please open a support ticket via the Keyfactor Support Portal at https://support.keyfactor.com. + +> To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab. 
+## Requirements & Prerequisites -## Keyfactor Version Supported +Before installing the DataPower Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command. -The minimum version of the Keyfactor Universal Orchestrator Framework needed to run this version of the extension is 10.1 -## Platform Specific Notes +TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info -The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running. -| Operation | Win | Linux | -|-----|-----|------| -|Supports Management Add|✓ |✓ | -|Supports Management Remove|✓ |✓ | -|Supports Create Store| | | -|Supports Discovery| | | -|Supports Renrollment| | | -|Supports Inventory|✓ |✓ | +### FortiWeb Requirements +TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info -## PAM Integration +TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. 
Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info -This orchestrator extension has the ability to connect to a variety of supported PAM providers to allow for the retrieval of various client hosted secrets right from the orchestrator server itself. This eliminates the need to set up the PAM integration on Keyfactor Command which may be in an environment that the client does not want to have access to their PAM provider. -The secrets that this orchestrator extension supports for use with a PAM Provider are: -|Name|Description| -|----|-----------| -|Server UserName|The user id that will be used to authenticate into the server hosting the store| -|Server Password|The password that will be used to authenticate into the server hosting the store| +## Create the FortiWeb Certificate Store Type -It is not necessary to use a PAM Provider for all of the secrets available above. If a PAM Provider should not be used, simply enter in the actual value to be used, as normal. +To use the DataPower Universal Orchestrator extension, you **must** create the FortiWeb Certificate Store Type. This only needs to happen _once_ per Keyfactor Command instance. -If a PAM Provider will be used for one of the fields above, start by referencing the [Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam). The GitHub repo for the PAM Provider to be used contains important information such as the format of the `json` needed. What follows is an example but does not reflect the `json` values for all PAM Providers as they have different "instance" and "initialization" parameter names and values. -### Example PAM Provider Setup +TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. 
Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info -To use a PAM Provider to resolve a field, in this example the __Server Password__ will be resolved by the `Hashicorp-Vault` provider, first install the PAM Provider extension from the [Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) on the Universal Orchestrator. -Next, complete configuration of the PAM Provider on the UO by editing the `manifest.json` of the __PAM Provider__ (e.g. located at extensions/Hashicorp-Vault/manifest.json). The "initialization" parameters need to be entered here: +* **Create FortiWeb using kfutil**: -~~~ json - "Keyfactor:PAMProviders:Hashicorp-Vault:InitializationInfo": { - "Host": "http://127.0.0.1:8200", - "Path": "v1/secret/data", - "Token": "xxxxxx" - } -~~~ + ```shell + # FortiWeb + kfutil store-types create FortiWeb + ``` -After these values are entered, the Orchestrator needs to be restarted to pick up the configuration. Now the PAM Provider can be used on other Orchestrator Extensions. +* **Create FortiWeb manually in the Command UI**: +
Create FortiWeb manually in the Command UI -### Use the PAM Provider -With the PAM Provider configured as an extenion on the UO, a `json` object can be passed instead of an actual value to resolve the field with a PAM Provider. Consult the [Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) for the specific format of the `json` object. + Create a store type called `FortiWeb` with the attributes in the tables below: -To have the __Server Password__ field resolved by the `Hashicorp-Vault` provider, the corresponding `json` object from the `Hashicorp-Vault` extension needs to be copied and filed in with the correct information: + #### Basic Tab + | Attribute | Value | Description | + | --------- | ----- | ----- | + | Name | FortiWeb | Display name for the store type (may be customized) | + | Short Name | FortiWeb | Short display name for the store type | + | Capability | FortiWeb | Store type name orchestrator will register with. Check the box to allow entry of value | + | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | + | Supports Remove | 🔲 Unchecked | Indicates that the Store Type supports Management Remove | + | Supports Discovery | 🔲 Unchecked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | 🔲 Unchecked | Indicates that the Store Type supports store creation | + | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | + | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | + | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | + | Requires Store Password | 🔲 Unchecked | Enables users to optionally specify a store password when defining a Certificate Store. 
| + | Supports Entry Password | 🔲 Unchecked | Determines if an individual entry within a store can have a password. | -~~~ json -{"Secret":"my-kv-secret","Key":"myServerPassword"} -~~~ + The Basic tab should look like this: -This text would be entered in as the value for the __Server Password__, instead of entering in the actual password. The Orchestrator will attempt to use the PAM Provider to retrieve the __Server Password__. If PAM should not be used, just directly enter in the value for the field. + ![FortiWeb Basic Tab](docsource/images/FortiWeb-basic-store-type-dialog.png) + #### Advanced Tab + | Attribute | Value | Description | + | --------- | ----- | ----- | + | Supports Custom Alias | Required | Determines if an individual entry within a store can have a custom Alias. | + | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | + The Advanced tab should look like this: + ![FortiWeb Advanced Tab](docsource/images/FortiWeb-advanced-store-type-dialog.png) + #### Custom Fields Tab + Custom fields operate at the certificate store level and are used to control how the orchestrator connects to the remote target server containing the certificate store to be managed. The following custom fields should be added to the store type: ---- + | Name | Display Name | Description | Type | Default Value/Options | Required | + | ---- | ------------ | ---- | --------------------- | -------- | ----------- | + | ServerUsername | Server Username | Api UserName for DataPower. (or valid PAM key if the username is stored in a KF Command configured PAM integration). 
| Secret | | 🔲 Unchecked | + | ServerPassword | Server Password | A password for DataPower API access. Used for inventory.(or valid PAM key if the password is stored in a KF Command configured PAM integration). | Secret | | 🔲 Unchecked | + | ServerUseSsl | Use SSL | Should be true, http is not supported. | Bool | true | ✅ Checked | + | InventoryBlackList | Inventory Black List | Comma seperated list of alias values you do not want to inventory from DataPower. | String | | 🔲 Unchecked | + | Protocol | Protocol Name | Comma seperated list of alias values you do not want to inventory from DataPower. | String | https | ✅ Checked | + | PublicCertStoreName | Public Cert Store Name | This probably will remain pubcert unless someone changed the default name in DataPower. | String | pubcert | ✅ Checked | + | InventoryPageSize | Inventory Page Size | This determines the page size during the inventory calls. (100 should be fine). | String | 100 | ✅ Checked | + The Custom Fields tab should look like this: -**IBM Datapower** + ![FortiWeb Custom Fields Tab](docsource/images/FortiWeb-custom-fields-store-type-dialog.png) -**Overview** -The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. For example default\pubcert ---- +
-**1) Create the new Certificate store Type for the New DataPower AnyAgent** +## Installation -#### STORE TYPE CONFIGURATION -SETTING TAB | CONFIG ELEMENT | DESCRIPTION -------|-----------|------------------ -Basic |Name |Descriptive name for the Store Type. IBM Data Power Universal can be used. -Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be DataPower. -Basic |Custom Capability|Unchecked -Basic |Job Types |Inventory, Add, and Remove are the supported job types. -Basic |Needs Server |Must be checked -Basic |Blueprint Allowed |checked -Basic |Requires Store Password |Determines if a store password is required when configuring an individual store. This must be unchecked. -Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. -Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform -Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. Optional (if left blank, alias will be a GUID) -Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Optional -Advanced |PFX Password Style |Determines password style for the PFX Password. Default -Custom Fields|Inventory Page Size|Name:InventoryPageSize Display Name:Inventory Page Size Type:String Default Value:100 Required:True. This determines the page size during the inventory calls. (100 should be fine) -Custom Fields|Public Cert Store Name|Name:PublicCertStoreName Display Name:Public Cert Store Name:String Default Value:pubcert Required:True. This probably will remain pubcert unless someone changed the default name in DataPower. -Custom Fields|Protocol|Name:Protocol Display Name:Protocol Name:String Default Value:https Required:True. This should always be https in production, may need to change in test to http. 
-Custom Fields|Inventory Black List|Name:InventoryBlackList Display Name:Inventory Black List Name:String Default Value:Leave Blank Required:False. Comma seperated list of alias values you do not want to inventory from DataPower. -Custom Fields|Server Username|Api UserName for DataPower -Custom Fields|Server Password|Api Password for UserName Described Above -Custom Fields|Use SSL|Set this to true -Entry Parameters|N/A| There are no Entry Parameters +1. **Download the latest DataPower Universal Orchestrator extension from GitHub.** -![image.png](/images/CertStoreType-Basic.gif) + Navigate to the [DataPower Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/ibm-datapower-orchestrator/releases/latest). Refer to the compatibility matrix below to determine whether the `net6.0` or `net8.0` asset should be downloaded. Then, click the corresponding asset to download the zip archive. + | Universal Orchestrator Version | Latest .NET version installed on the Universal Orchestrator server | `rollForward` condition in `Orchestrator.runtimeconfig.json` | `ibm-datapower-orchestrator` .NET version to download | + | --------- | ----------- | ----------- | ----------- | + | Older than `11.0.0` | | | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net6.0` | | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Disable` | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` | + | `11.6` _and_ newer | `net8.0` | | `net8.0` | -![image.png](/images/CertStoreType-Advanced.gif) + Unzip the archive containing extension assemblies to a known location. -![image.png](/images/CertStoreType-CustomFields.gif) + > **Note** If you don't see an asset with a corresponding .NET version, you should always assume that it was compiled for `net6.0`. +2. 
**Locate the Universal Orchestrator extensions directory.** + + * **Default on Windows** - `C:\Program Files\Keyfactor\Keyfactor Orchestrator\extensions` + * **Default on Linux** - `/opt/keyfactor/orchestrator/extensions` -#### STORE CONFIGURATION -CONFIG ELEMENT |DESCRIPTION -----------------|--------------- -Category |The type of certificate store to be configured. Select category based on the display name configured above "IBM Data Power Universal". -Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. -Client Machine | The server and port the DataPower API runs on. This is typically port 5554 for the API. -Store Path |This will the domain\path combination to enroll and inventory to. If it is the default domain just put the path. -Inventory Page Size|This determines the page size during the inventory calls. (100 should be fine). -Public Cert Store Name| This probably will remain pubcert unless someone changed the default name in DataPower. -Protocol| This should always be https in production, may need to change in test to http. -Inventory Black List| Comma seperated list of alias values you do not want to inventory from DataPower. -Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. -Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. -Use SSL |This should be checked. -User |The Data Power user that has access to the API and enroll and inventory functions in DataPower. -Password |Password for the user mentioned above. 
- -![image.png](/images/CertStore.gif) - -*** - -#### INVENTORY TEST CASES -Case Number|Case Name|Case Description|Expected Results|Passed -------------|---------|----------------|--------------|---------- -1|Pubcert Inventory No Black List Default Domain|Should Inventory Everything in the DataPower pubcert directory on the Default Domain|Keyfactor Inventory Matches pubcert default domain inventory|True -1a|Pubcert Inventory No Black List Default Domain using PAM Credentials|Should Inventory Everything in the DataPower pubcert directory on the Default Domain using credentials stored in a PAM Provider|Keyfactor Inventory Matches pubcert default domain inventory|True -1b|Pubcert Inventory With Black List Default Domain|Should Inventory Everything in the DataPower pubcert directory on the Default Domain Outside of Black List Items ex: Test.pem,Test2.pem|Keyfactor Inventory Matches pubcert default domain inventory outside of Black List Items|True -2|Pubcert Inventory No Black List *testdomain\pubcert* path|Should Inventory Everything in the DataPower pubcert directory on the *testdomain\pubcert* path|Keyfactor Inventory Matches pubcert default domain inventory|True -2a|Pubcert Inventory With Black List *testdomain\pubcert* path|Should Inventory Everything in the DataPower pubcert directory on the *testdomain\pubcert* path Outside of Black List Items ex: Cert1.pem,Cert2.pem|Keyfactor Inventory Matches pubcert default domain inventory outside of Black List Items|True -3|Private Key Cert Inventory No Black List Default Domain|Should Inventory Everything in the DataPower cert directory on the Default Domain|Keyfactor Inventory Matches pubcert default domain inventory|True -3a|Private Key Cert Inventory No Black List Default Domain with Credentials Stored in PAM Provider|Should Inventory Everything in the DataPower cert directory on the Default Domain with Credentials Stored in PAM Provider|Keyfactor Inventory Matches pubcert default domain inventory|True -3b|Private Key 
Cert Inventory With Black List Default Domain|Should Inventory Everything in the DataPower cert directory on the Default Domain Oustide of Black List Items ex: Test.pem,Test2.pem|Keyfactor Inventory Matches cert default domain inventory outside of Black List Items|True -4|Private Key Cert Inventory No Black List *testdomain\cert* path|Should Inventory Everything in the DataPower cert directory on the *testdomain\cert* path|Keyfactor Inventory Matches *testdomain\cert* path| inventory|True -4a|Private Key Cert Inventory With Black List *testdomain\cert* path||Should Inventory Everything in the DataPower cert directory on the *testdomain\cert* path|Keyfactor Inventory Matches *testdomain\cert* path Oustide of Black List Items ex: Test,Test2|Keyfactor Inventory Matches everything in *testdomain\cert* path outside of Black List Items - -*** - -#### ADD/REMOVE TEST CASES -Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed -------------|---------|----------------|--------------|----------|----------------|-------------- -1|Pubcert Add with Alias Default Domain|Will create new Cert, Key and Pem/crt entry|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created|True -1a|Pubcert Overwrite with Alias Default Domain|Will Replaced Cert, Key and Pem/crt entry|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced|True -1b|Pubcert Add without Alias Default Domain|Will create new Cert, Key and Pem/crt entry with GUID as name|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name|True -2|Private Key Add with Alias Default Domain|Will create new Cert, Key and Pem/crt entry|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created|True -2a|Private Key Overwrite with Alias Default Domain|Will Replaced Cert, Key and Pem/crt entry|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced|True -2b|Private Key Add without Alias Default 
Domain|Will create new Cert, Key and Pem/crt entry with GUID as name|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name|True -2c|Private Key Cert Add with Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry in *testdomain\cert* path|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created in *testdomain\pubcert* path|True -2d|Private Key Cert Add with Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry in *testdomain\cert* path with PAM Credentials|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created in *testdomain\pubcert* path gettting credentials from a PAM Provider|True -3a|Private Key Cert Overwrite with Alias *testdomain\cert* path|Will Replaced Cert, Key and Pem/crt entry in *testdomain\cert* path|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced in *testdomain\pubcert* path|True -3b|Private Key Cert Add without Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry with GUID as name in *testdomain\cert* path|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name in *testdomain\cert* path|True -4|Remove Private Key and Cert From Default Domain|Remove Private Key and Cert From Default Domain|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power|True -4a|Remove Private Key and Cert From *testdomain\cert* path|Remove Private Key and Cert From *testdomain\cert* path|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power *testdomain\cert* path|True -4b|Remove PubCert|Remove PubCert|False|cryptoobjs|Error Occurs, cannot remove Public Certs|True -4c|Remove Private Key and Cert From *testdomain\cert* path with PAM Credentials|Remove Private Key and Cert From *testdomain\cert* path using credentials stored in a PAM Provider|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from 
Data Power *testdomain\cert* path|True
-
-***
-
-### License
-[Apache](https://apache.org/licenses/LICENSE-2.0)
+3. **Create a new directory for the DataPower Universal Orchestrator extension inside the extensions directory.**
+
+ Create a new directory called `ibm-datapower-orchestrator`.
+ > The directory name does not need to match any names used elsewhere; it just has to be unique within the extensions directory.
+
+4. **Copy the contents of the downloaded and unzipped assemblies from __step 2__ to the `ibm-datapower-orchestrator` directory.**
+
+5. **Restart the Universal Orchestrator service.**
+
+ Refer to [Starting/Restarting the Universal Orchestrator service](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/StarttheService.htm).
+
+
+6. **(optional) PAM Integration**
+
+ The DataPower Universal Orchestrator extension is compatible with all supported Keyfactor PAM extensions to resolve PAM-eligible secrets. PAM extensions running on Universal Orchestrators enable secure retrieval of secrets from a connected PAM provider.
+
+ To configure a PAM provider, [reference the Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) to select an extension, and follow the associated instructions to install it on the Universal Orchestrator (remote).
+
+
+> The above installation steps can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/CustomExtensions.htm?Highlight=extensions).
+
+
+## Post Installation
+
+TODO Post Installation is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+
+## Defining Certificate Stores
+
+
+TODO Global Store Type Section is an optional section.
If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+
+
+> The content in this section can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store).
+
+
+## Discovering Certificate Stores with the Discovery Job
+TODO Discovery is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+
+### FortiWeb Discovery Job
+TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+
+TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+
+
+
+## License
+
+Apache License 2.0, see [LICENSE](LICENSE).
+## Related Integrations
+See all [Keyfactor Universal Orchestrator extensions](https://github.com/orgs/Keyfactor/repositories?q=orchestrator).
\ No newline at end of file
diff --git a/docsource/content.md b/docsource/content.md
new file mode 100644
index 0000000..48b64fd
--- /dev/null
+++ b/docsource/content.md
@@ -0,0 +1,16 @@
+## Overview
+
+TODO Overview is a required section
+
+## Requirements
+
+TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Post Installation
+
+TODO Post Installation is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Discovery
+
+TODO Discovery is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
diff --git a/docsource/fortiweb.md b/docsource/fortiweb.md
new file mode 100644
index 0000000..d53d056
--- /dev/null
+++ b/docsource/fortiweb.md
@@ -0,0 +1,20 @@
+## Overview
+
+TODO Overview is a required section
+
+## Requirements
+
+TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Discovery Job Configuration
+
+TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Certificate Store Configuration
+
+TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Global Store Type Section
+
+TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
From edce2ee020d090674df6539fe607f4b496caecaa Mon Sep 17 00:00:00 2001
From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com>
Date: Thu, 12 Dec 2024 14:08:49 -0500
Subject: [PATCH 05/18] Update content.md
---
 docsource/content.md | 55 ++++++++++++++++++++++++++++++++++++--------
 1 file changed, 45 insertions(+), 10 deletions(-)
diff --git a/docsource/content.md b/docsource/content.md
index 48b64fd..dd02147 100644
--- a/docsource/content.md
+++ b/docsource/content.md
@@ -1,16 +1,51 @@ ## Overview -TODO Overview is a required section +The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. -## Requirements - -TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Post Installation +* DataPower -TODO Post Installation is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Discovery +## Requirements +The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. 
For example default\pubcert + + +## Test Cases + +*** + +#### INVENTORY TEST CASES +Case Number|Case Name|Case Description|Expected Results|Passed +------------|---------|----------------|--------------|---------- +1|Pubcert Inventory No Black List Default Domain|Should Inventory Everything in the DataPower pubcert directory on the Default Domain|Keyfactor Inventory Matches pubcert default domain inventory|True +1a|Pubcert Inventory No Black List Default Domain using PAM Credentials|Should Inventory Everything in the DataPower pubcert directory on the Default Domain using credentials stored in a PAM Provider|Keyfactor Inventory Matches pubcert default domain inventory|True +1b|Pubcert Inventory With Black List Default Domain|Should Inventory Everything in the DataPower pubcert directory on the Default Domain Outside of Black List Items ex: Test.pem,Test2.pem|Keyfactor Inventory Matches pubcert default domain inventory outside of Black List Items|True +2|Pubcert Inventory No Black List *testdomain\pubcert* path|Should Inventory Everything in the DataPower pubcert directory on the *testdomain\pubcert* path|Keyfactor Inventory Matches pubcert default domain inventory|True +2a|Pubcert Inventory With Black List *testdomain\pubcert* path|Should Inventory Everything in the DataPower pubcert directory on the *testdomain\pubcert* path Outside of Black List Items ex: Cert1.pem,Cert2.pem|Keyfactor Inventory Matches pubcert default domain inventory outside of Black List Items|True +3|Private Key Cert Inventory No Black List Default Domain|Should Inventory Everything in the DataPower cert directory on the Default Domain|Keyfactor Inventory Matches pubcert default domain inventory|True +3a|Private Key Cert Inventory No Black List Default Domain with Credentials Stored in PAM Provider|Should Inventory Everything in the DataPower cert directory on the Default Domain with Credentials Stored in PAM Provider|Keyfactor Inventory Matches pubcert default domain inventory|True 
+3b|Private Key Cert Inventory With Black List Default Domain|Should Inventory Everything in the DataPower cert directory on the Default Domain Oustide of Black List Items ex: Test.pem,Test2.pem|Keyfactor Inventory Matches cert default domain inventory outside of Black List Items|True +4|Private Key Cert Inventory No Black List *testdomain\cert* path|Should Inventory Everything in the DataPower cert directory on the *testdomain\cert* path|Keyfactor Inventory Matches *testdomain\cert* path| inventory|True +4a|Private Key Cert Inventory With Black List *testdomain\cert* path||Should Inventory Everything in the DataPower cert directory on the *testdomain\cert* path|Keyfactor Inventory Matches *testdomain\cert* path Oustide of Black List Items ex: Test,Test2|Keyfactor Inventory Matches everything in *testdomain\cert* path outside of Black List Items + +*** + +#### ADD/REMOVE TEST CASES +Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed +------------|---------|----------------|--------------|----------|----------------|-------------- +1|Pubcert Add with Alias Default Domain|Will create new Cert, Key and Pem/crt entry|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created|True +1a|Pubcert Overwrite with Alias Default Domain|Will Replaced Cert, Key and Pem/crt entry|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced|True +1b|Pubcert Add without Alias Default Domain|Will create new Cert, Key and Pem/crt entry with GUID as name|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name|True +2|Private Key Add with Alias Default Domain|Will create new Cert, Key and Pem/crt entry|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created|True +2a|Private Key Overwrite with Alias Default Domain|Will Replaced Cert, Key and Pem/crt entry|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced|True +2b|Private Key Add without Alias 
Default Domain|Will create new Cert, Key and Pem/crt entry with GUID as name|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name|True +2c|Private Key Cert Add with Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry in *testdomain\cert* path|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created in *testdomain\pubcert* path|True +2d|Private Key Cert Add with Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry in *testdomain\cert* path with PAM Credentials|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created in *testdomain\pubcert* path gettting credentials from a PAM Provider|True +3a|Private Key Cert Overwrite with Alias *testdomain\cert* path|Will Replaced Cert, Key and Pem/crt entry in *testdomain\cert* path|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced in *testdomain\pubcert* path|True +3b|Private Key Cert Add without Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry with GUID as name in *testdomain\cert* path|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name in *testdomain\cert* path|True +4|Remove Private Key and Cert From Default Domain|Remove Private Key and Cert From Default Domain|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power|True +4a|Remove Private Key and Cert From *testdomain\cert* path|Remove Private Key and Cert From *testdomain\cert* path|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power *testdomain\cert* path|True +4b|Remove PubCert|Remove PubCert|False|cryptoobjs|Error Occurs, cannot remove Public Certs|True +4c|Remove Private Key and Cert From *testdomain\cert* path with PAM Credentials|Remove Private Key and Cert From *testdomain\cert* path using credentials stored in a PAM Provider|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed 
from Data Power *testdomain\cert* path|True + +*** -TODO Discovery is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info From 5b5e8e45589a4b90095cc96920d4b7f1e60adabb Mon Sep 17 00:00:00 2001 From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Thu, 12 Dec 2024 14:09:08 -0500 Subject: [PATCH 06/18] Update fortiweb.md --- docsource/fortiweb.md | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/docsource/fortiweb.md b/docsource/fortiweb.md index d53d056..002304d 100644 --- a/docsource/fortiweb.md +++ b/docsource/fortiweb.md @@ -1,20 +1,4 @@ -## Overview +## Keyfactor Orchestrator Integration: DataPower Setup -TODO Overview is a required section - -## Requirements - -TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Discovery Job Configuration - -TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Certificate Store Configuration - -TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Global Store Type Section - -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info +### Overview From a63f2c1bc2a3b5e515b1120e9afe8de9a2d4bf80 Mon Sep 17 00:00:00 2001 
From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Thu, 12 Dec 2024 14:09:20 -0500 Subject: [PATCH 07/18] Rename fortiweb.md to datapower.md --- docsource/{fortiweb.md => datapower.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docsource/{fortiweb.md => datapower.md} (100%) diff --git a/docsource/fortiweb.md b/docsource/datapower.md similarity index 100% rename from docsource/fortiweb.md rename to docsource/datapower.md From 66d5e061575de67e3d112d25007b44b6aca0560e Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Thu, 12 Dec 2024 19:09:53 +0000 Subject: [PATCH 08/18] Update generated docs --- README.md | 52 ++++++++++++++++++++++++++++++++++++------- docsource/fortiweb.md | 20 +++++++++++++++++ 2 files changed, 64 insertions(+), 8 deletions(-) create mode 100644 docsource/fortiweb.md diff --git a/README.md b/README.md index fa56101..59333ac 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,9 @@ ## Overview -TODO Overview is a required section +The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. + +* DataPower 
@@ -55,7 +57,7 @@ The DataPower Universal Orchestrator extension is supported by Keyfactor for Key Before installing the DataPower Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command. -TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info +The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. For example default\pubcert ### FortiWeb Requirements TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info @@ -183,10 +185,6 @@ TODO Global Store Type Section is an optional section. If this section doesn't s > The above installation steps can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/CustomExtensions.htm?Highlight=extensions). -## Post Installation - -TODO Post Installation is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - ## Defining Certificate Stores 
@@ -201,8 +199,6 @@ TODO Certificate Store Configuration is an optional section. If this section doe ## Discovering Certificate Stores with the Discovery Job -TODO Discovery is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - ### FortiWeb Discovery Job TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info 
@@ -212,6 +208,46 @@ TODO Discovery Job Configuration is an optional section. If this section doesn't +## Test Cases + +*** + +#### INVENTORY TEST CASES +Case Number|Case Name|Case Description|Expected Results|Passed +------------|---------|----------------|--------------|---------- +1|Pubcert Inventory No Black List Default Domain|Should Inventory Everything in the DataPower pubcert directory on the Default Domain|Keyfactor Inventory Matches pubcert default domain inventory|True +1a|Pubcert Inventory No Black List Default Domain using PAM Credentials|Should Inventory Everything in the DataPower pubcert directory on the Default Domain using credentials stored in a PAM Provider|Keyfactor Inventory Matches pubcert default domain inventory|True +1b|Pubcert Inventory With Black List Default Domain|Should Inventory Everything in the DataPower pubcert directory on the Default Domain Outside of Black List Items ex: Test.pem,Test2.pem|Keyfactor Inventory Matches pubcert default domain inventory outside of Black List Items|True +2|Pubcert Inventory No Black List *testdomain\pubcert* path|Should Inventory Everything in the DataPower pubcert directory on the *testdomain\pubcert* path|Keyfactor Inventory Matches pubcert default domain inventory|True +2a|Pubcert Inventory With Black List *testdomain\pubcert* path|Should Inventory Everything in the DataPower pubcert directory on the *testdomain\pubcert* path Outside of Black List Items ex: Cert1.pem,Cert2.pem|Keyfactor Inventory Matches pubcert default domain inventory outside of Black List Items|True +3|Private Key Cert Inventory No Black List Default Domain|Should Inventory Everything in the DataPower cert directory on the Default Domain|Keyfactor Inventory Matches pubcert default domain inventory|True +3a|Private Key Cert Inventory No Black List Default Domain with Credentials Stored in PAM Provider|Should Inventory Everything in the DataPower cert directory on the Default Domain with Credentials Stored in PAM 
Provider|Keyfactor Inventory Matches pubcert default domain inventory|True +3b|Private Key Cert Inventory With Black List Default Domain|Should Inventory Everything in the DataPower cert directory on the Default Domain Oustide of Black List Items ex: Test.pem,Test2.pem|Keyfactor Inventory Matches cert default domain inventory outside of Black List Items|True +4|Private Key Cert Inventory No Black List *testdomain\cert* path|Should Inventory Everything in the DataPower cert directory on the *testdomain\cert* path|Keyfactor Inventory Matches *testdomain\cert* path| inventory|True +4a|Private Key Cert Inventory With Black List *testdomain\cert* path||Should Inventory Everything in the DataPower cert directory on the *testdomain\cert* path|Keyfactor Inventory Matches *testdomain\cert* path Oustide of Black List Items ex: Test,Test2|Keyfactor Inventory Matches everything in *testdomain\cert* path outside of Black List Items + +*** + +#### ADD/REMOVE TEST CASES +Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed +------------|---------|----------------|--------------|----------|----------------|-------------- +1|Pubcert Add with Alias Default Domain|Will create new Cert, Key and Pem/crt entry|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created|True +1a|Pubcert Overwrite with Alias Default Domain|Will Replaced Cert, Key and Pem/crt entry|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced|True +1b|Pubcert Add without Alias Default Domain|Will create new Cert, Key and Pem/crt entry with GUID as name|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name|True +2|Private Key Add with Alias Default Domain|Will create new Cert, Key and Pem/crt entry|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created|True +2a|Private Key Overwrite with Alias Default Domain|Will Replaced Cert, Key and Pem/crt entry|true|cryptoobjs|Crypto Key Replaced, 
Crypto Cert Replaced, Pem/Crt Replaced|True +2b|Private Key Add without Alias Default Domain|Will create new Cert, Key and Pem/crt entry with GUID as name|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name|True +2c|Private Key Cert Add with Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry in *testdomain\cert* path|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created in *testdomain\pubcert* path|True +2d|Private Key Cert Add with Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry in *testdomain\cert* path with PAM Credentials|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created in *testdomain\pubcert* path gettting credentials from a PAM Provider|True +3a|Private Key Cert Overwrite with Alias *testdomain\cert* path|Will Replaced Cert, Key and Pem/crt entry in *testdomain\cert* path|true|cryptoobjs|Crypto Key Replaced, Crypto Cert Replaced, Pem/Crt Replaced in *testdomain\pubcert* path|True +3b|Private Key Cert Add without Alias *testdomain\cert* path|Will create new Cert, Key and Pem/crt entry with GUID as name in *testdomain\cert* path|False|cryptoobjs|Crypto Key Created, Crypto Cert Created, Pem/Crt created with GUID as name in *testdomain\cert* path|True +4|Remove Private Key and Cert From Default Domain|Remove Private Key and Cert From Default Domain|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power|True +4a|Remove Private Key and Cert From *testdomain\cert* path|Remove Private Key and Cert From *testdomain\cert* path|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power *testdomain\cert* path|True +4b|Remove PubCert|Remove PubCert|False|cryptoobjs|Error Occurs, cannot remove Public Certs|True +4c|Remove Private Key and Cert From *testdomain\cert* path with PAM Credentials|Remove Private Key and Cert From *testdomain\cert* path using credentials stored in a PAM 
Provider|False|cryptoobjs|Crypto Certificate, Crypto Key and Pem/Crt are removed from Data Power *testdomain\cert* path|True + +*** + ## License diff --git a/docsource/fortiweb.md b/docsource/fortiweb.md new file mode 100644 index 0000000..d53d056 --- /dev/null +++ b/docsource/fortiweb.md @@ -0,0 +1,20 @@ +## Overview + +TODO Overview is a required section + +## Requirements + +TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info + +## Discovery Job Configuration + +TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info + +## Certificate Store Configuration + +TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info + +## Global Store Type Section + +TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info + From 4b2616ad53f1a6ef57a101aeb8017639948f6b96 Mon Sep 17 00:00:00 2001 From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Thu, 12 Dec 2024 16:17:29 -0500 Subject: [PATCH 09/18] Update CHANGELOG.md --- CHANGELOG.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a839e50..434a62d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,3 +1,8 @@ +1.1.1 +* Dual Build .Net 6 and .Net 8 support +* Test Tool Modifications +* Readme Updates + 1.1.0 * Convert to Universal Orchestrator Framework * Added Support for .cer files during inventory @@ -5,4 +10,3 @@ 1.0.0 * Windows Orchestrator with Add, Remove and Inventory Capabilities - From abcd74a66e12096115b507ac541d30016ec7b3c0 Mon Sep 17 00:00:00 2001 From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Thu, 12 Dec 2024 16:23:16 -0500 Subject: [PATCH 10/18] Delete docsource/fortiweb.md --- docsource/fortiweb.md | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 docsource/fortiweb.md diff --git a/docsource/fortiweb.md b/docsource/fortiweb.md deleted file mode 100644 index d53d056..0000000 --- a/docsource/fortiweb.md +++ /dev/null @@ -1,20 +0,0 @@ -## Overview - -TODO Overview is a required section - -## Requirements - -TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Discovery Job Configuration - -TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Certificate Store Configuration - -TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - -## Global Store Type Section - -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - From fc53588b571ac4613407fae489b566d13ccd1a76 Mon Sep 17 00:00:00 2001 
From: Keyfactor
Date: Thu, 12 Dec 2024 21:24:07 +0000
Subject: [PATCH 11/18] Update generated docs
---
 docsource/fortiweb.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 docsource/fortiweb.md
diff --git a/docsource/fortiweb.md b/docsource/fortiweb.md
new file mode 100644
index 0000000..d53d056
--- /dev/null
+++ b/docsource/fortiweb.md
@@ -0,0 +1,20 @@
+## Overview
+
+TODO Overview is a required section
+
+## Requirements
+
+TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Discovery Job Configuration
+
+TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Certificate Store Configuration
+
+TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
+## Global Store Type Section
+
+TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
+
From 5e6174c494de7c0913145656bb7e04f29b2cb9b7 Mon Sep 17 00:00:00 2001
From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com>
Date: Mon, 16 Dec 2024 09:38:30 -0500
Subject: [PATCH 12/18] Update integration-manifest.json
---
 integration-manifest.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/integration-manifest.json b/integration-manifest.json
index 8907875..b6a7400 100644
--- a/integration-manifest.json
+++ b/integration-manifest.json
@@ -37,9 +37,9 @@ }, "store_types": [ { - "Name": "FortiWeb", - "ShortName": "FortiWeb", - "Capability": "FortiWeb", + "Name": "IBM Data Power", + "ShortName": "DataPower", + "Capability": "DataPower", "LocalStore": false, "SupportedOperations": { "Add": true, From 4fca82104f07aa19fdc5c86a53559f958a56d73e Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Mon, 16 Dec 2024 14:39:23 +0000 Subject: [PATCH 13/18] Update generated docs --- README.md | 141 ++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 104 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index 59333ac..87633b2 100644 --- a/README.md +++ b/README.md @@ -37,12 +37,6 @@ The IBM DataPower Orchestrator allows for the management of certificates in the -### FortiWeb -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - - -TODO Overview is a required section - ## Compatibility This integration is compatible with Keyfactor Universal Orchestrator version 10.4 and later. 
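Review bot: The store type entry renamed in the `integration-manifest.json` hunk appears to leave Remove disabled in its `SupportedOperations` block, which contradicts the documented feature set. The README regenerated from this manifest in the following "Update generated docs" commit still lists "Supports Remove" as unchecked, while the overview says Inventory, Add and Remove are supported and the test matrix exercises removals. If the manifest does carry that value, a store type created from it (for example with `kfutil store-types create DataPower`) presumably would not accept the removal jobs the README describes, leaving replaced or retired certificates and keys on the appliance; in that case set `"Remove": true` in the same block. Only `"Add": true` is visible here, the rest of the object lies outside the hunk, so this needs confirming against the full file.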
@@ -59,41 +53,31 @@ Before installing the DataPower Universal Orchestrator extension, we recommend t The IBM DataPower Orchestrator allows for the management of certificates in the IBM Datapower platform. Inventory, Add and Remove functions are supported. This integration can add/replace certificates in any domain\directory combination. For example default\pubcert -### FortiWeb Requirements -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - - -TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info - - - - -## Create the FortiWeb Certificate Store Type -To use the DataPower Universal Orchestrator extension, you **must** create the FortiWeb Certificate Store Type. This only needs to happen _once_ per Keyfactor Command instance. +## Create the DataPower Certificate Store Type +To use the DataPower Universal Orchestrator extension, you **must** create the DataPower Certificate Store Type. This only needs to happen _once_ per Keyfactor Command instance. -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info -* **Create FortiWeb using kfutil**: +* **Create DataPower using kfutil**: ```shell - # FortiWeb - kfutil store-types create FortiWeb + # IBM Data Power + kfutil store-types create DataPower ``` -* **Create FortiWeb manually in the Command UI**: -
Create FortiWeb manually in the Command UI +* **Create DataPower manually in the Command UI**: +
Create DataPower manually in the Command UI - Create a store type called `FortiWeb` with the attributes in the tables below: + Create a store type called `DataPower` with the attributes in the tables below: #### Basic Tab | Attribute | Value | Description | | --------- | ----- | ----- | - | Name | FortiWeb | Display name for the store type (may be customized) | - | Short Name | FortiWeb | Short display name for the store type | - | Capability | FortiWeb | Store type name orchestrator will register with. Check the box to allow entry of value | + | Name | IBM Data Power | Display name for the store type (may be customized) | + | Short Name | DataPower | Short display name for the store type | + | Capability | DataPower | Store type name orchestrator will register with. Check the box to allow entry of value | | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | | Supports Remove | 🔲 Unchecked | Indicates that the Store Type supports Management Remove | | Supports Discovery | 🔲 Unchecked | Indicates that the Store Type supports Discovery | @@ -107,7 +91,7 @@ TODO Global Store Type Section is an optional section. If this section doesn't s The Basic tab should look like this: - ![FortiWeb Basic Tab](docsource/images/FortiWeb-basic-store-type-dialog.png) + ![DataPower Basic Tab](docsource/images/DataPower-basic-store-type-dialog.png) #### Advanced Tab | Attribute | Value | Description | 
@@ -118,7 +102,7 @@ TODO Global Store Type Section is an optional section. If this section doesn't s The Advanced tab should look like this: - ![FortiWeb Advanced Tab](docsource/images/FortiWeb-advanced-store-type-dialog.png) + ![DataPower Advanced Tab](docsource/images/DataPower-advanced-store-type-dialog.png) #### Custom Fields Tab Custom fields operate at the certificate store level and are used to control how the orchestrator connects to the remote target server containing the certificate store to be managed. The following custom fields should be added to the store type: @@ -135,7 +119,7 @@ TODO Global Store Type Section is an optional section. If this section doesn't s The Custom Fields tab should look like this: - ![FortiWeb Custom Fields Tab](docsource/images/FortiWeb-custom-fields-store-type-dialog.png) + ![DataPower Custom Fields Tab](docsource/images/DataPower-custom-fields-store-type-dialog.png) @@ -189,22 +173,105 @@ TODO Global Store Type Section is an optional section. If this section doesn't s ## Defining Certificate Stores -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info -TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info +* **Manually with the Command UI** +
Create Certificate Stores manually in the UI + 1. **Navigate to the _Certificate Stores_ page in Keyfactor Command.** -> The content in this section can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). + Log into Keyfactor Command, toggle the _Locations_ dropdown, and click _Certificate Stores_. + + 2. **Add a Certificate Store.** + + Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. + | Attribute | Description | + | --------- | ----------- | + | Category | Select "IBM Data Power" or the customized certificate store name from the previous step. | + | Container | Optional container to associate certificate store with. | + | Client Machine | The Client Machine field should contain the IP or Domain name and Port Needed for REST API Access. For SSH Access, Port 22 will be used. | + | Store Path | The Store Path field should always be / unless we later determine there are alternate locations needed. | + | Orchestrator | Select an approved orchestrator capable of managing `DataPower` certificates. Specifically, one with the `DataPower` capability. | + | ServerUsername | Api UserName for DataPower. (or valid PAM key if the username is stored in a KF Command configured PAM integration). | + | ServerPassword | A password for DataPower API access. Used for inventory.(or valid PAM key if the password is stored in a KF Command configured PAM integration). | + | ServerUseSsl | Should be true, http is not supported. | + | InventoryBlackList | Comma seperated list of alias values you do not want to inventory from DataPower. | + | Protocol | Comma seperated list of alias values you do not want to inventory from DataPower. | + | PublicCertStoreName | This probably will remain pubcert unless someone changed the default name in DataPower. 
| + | InventoryPageSize | This determines the page size during the inventory calls. (100 should be fine). | -## Discovering Certificate Stores with the Discovery Job + + +
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator -### FortiWeb Discovery Job -TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info + If a PAM provider was installed _on the Universal Orchestrator_ in the [Installation](#Installation) section, the following parameters can be configured for retrieval _on the Universal Orchestrator_. + | Attribute | Description | + | --------- | ----------- | + | ServerUsername | Api UserName for DataPower. (or valid PAM key if the username is stored in a KF Command configured PAM integration). | + | ServerPassword | A password for DataPower API access. Used for inventory.(or valid PAM key if the password is stored in a KF Command configured PAM integration). | + + + Please refer to the **Universal Orchestrator (remote)** usage section ([PAM providers on the Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam)) for your selected PAM provider for instructions on how to load attributes orchestrator-side. + + > Any secret can be rendered by a PAM provider _installed on the Keyfactor Command server_. The above parameters are specific to attributes that can be fetched by an installed PAM provider running on the Universal Orchestrator server itself. +
+ +
+ +* **Using kfutil** + +
Create Certificate Stores with kfutil + + 1. **Generate a CSV template for the DataPower certificate store** + + ```shell + kfutil stores import generate-template --store-type-name DataPower --outpath DataPower.csv + ``` + 2. **Populate the generated CSV file** + + Open the CSV file, and reference the table below to populate parameters for each **Attribute**. + | Attribute | Description | + | --------- | ----------- | + | Category | Select "IBM Data Power" or the customized certificate store name from the previous step. | + | Container | Optional container to associate certificate store with. | + | Client Machine | The Client Machine field should contain the IP or Domain name and Port Needed for REST API Access. For SSH Access, Port 22 will be used. | + | Store Path | The Store Path field should always be / unless we later determine there are alternate locations needed. | + | Orchestrator | Select an approved orchestrator capable of managing `DataPower` certificates. Specifically, one with the `DataPower` capability. | + | ServerUsername | Api UserName for DataPower. (or valid PAM key if the username is stored in a KF Command configured PAM integration). | + | ServerPassword | A password for DataPower API access. Used for inventory.(or valid PAM key if the password is stored in a KF Command configured PAM integration). | + | ServerUseSsl | Should be true, http is not supported. | + | InventoryBlackList | Comma seperated list of alias values you do not want to inventory from DataPower. | + | Protocol | Comma seperated list of alias values you do not want to inventory from DataPower. | + | PublicCertStoreName | This probably will remain pubcert unless someone changed the default name in DataPower. | + | InventoryPageSize | This determines the page size during the inventory calls. (100 should be fine). | + + + + +
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator + + If a PAM provider was installed _on the Universal Orchestrator_ in the [Installation](#Installation) section, the following parameters can be configured for retrieval _on the Universal Orchestrator_. + | Attribute | Description | + | --------- | ----------- | + | ServerUsername | Api UserName for DataPower. (or valid PAM key if the username is stored in a KF Command configured PAM integration). | + | ServerPassword | A password for DataPower API access. Used for inventory.(or valid PAM key if the password is stored in a KF Command configured PAM integration). | + + + > Any secret can be rendered by a PAM provider _installed on the Keyfactor Command server_. The above parameters are specific to attributes that can be fetched by an installed PAM provider running on the Universal Orchestrator server itself. +
+ + + 3. **Import the CSV file to create the certificate stores** + + ```shell + kfutil stores import csv --store-type-name DataPower --file DataPower.csv + ``` +
+ +> The content in this section can be supplimented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). -TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info From e9ad9b8263001513bf27bc85e4649283d188d6b9 Mon Sep 17 00:00:00 2001 From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Mon, 16 Dec 2024 10:19:14 -0500 Subject: [PATCH 14/18] Update DataPower.sln --- DataPower.sln | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/DataPower.sln b/DataPower.sln index 8d78ba4..10f3e4e 100644 --- a/DataPower.sln +++ b/DataPower.sln @@ -1,7 +1,7 @@  Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.30717.126 +# Visual Studio Version 17 +VisualStudioVersion = 17.11.35222.181 MinimumVisualStudioVersion = 10.0.40219.1 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DataPower", "DataPower\DataPower.csproj", "{33FBC5A1-3466-4F10-B9A6-7186F804A65A}" EndProject From 29ea37b8cc0b66632e5c474a70e4f5002efe116c Mon Sep 17 00:00:00 2001 From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Mon, 16 Dec 2024 10:45:50 -0500 Subject: [PATCH 15/18] Update DataPower.csproj --- DataPower/DataPower.csproj | 4 ---- 1 file changed, 4 deletions(-) diff --git a/DataPower/DataPower.csproj b/DataPower/DataPower.csproj index 61cd49d..2f3bf7b 100644 --- a/DataPower/DataPower.csproj +++ b/DataPower/DataPower.csproj @@ -7,10 +7,6 @@ disable - - none - false - From fda3cce830f5c0d2c7f60b2f0a55c64a3b89344f Mon Sep 17 00:00:00 2001 
From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Mon, 16 Dec 2024 10:55:23 -0500 Subject: [PATCH 16/18] Update DataPower.sln --- DataPower.sln | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DataPower.sln b/DataPower.sln index 10f3e4e..71ba241 100644 --- a/DataPower.sln +++ b/DataPower.sln @@ -9,7 +9,9 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution ProjectSection(SolutionItems) = preProject CHANGELOG.md = CHANGELOG.md integration-manifest.json = integration-manifest.json + .github\workflows\keyfactor-extension-release.yml = .github\workflows\keyfactor-extension-release.yml README.md = README.md + README.md.tpl = README.md.tpl EndProjectSection EndProject Global From a875520ea8256fffb47ceec1156ff889aa733392 Mon Sep 17 00:00:00 2001 From: Brian Hill <76450501+bhillkeyfactor@users.noreply.github.com> Date: Mon, 16 Dec 2024 10:56:25 -0500 Subject: [PATCH 17/18] Update DataPower.sln --- DataPower.sln | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/DataPower.sln b/DataPower.sln index 71ba241..f61dfc8 100644 --- a/DataPower.sln +++ b/DataPower.sln 
@@ -22,8 +22,12 @@ Global GlobalSection(ProjectConfigurationPlatforms) = postSolution {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Debug|Any CPU.Build.0 = Debug|Any CPU - {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Release|Any CPU.ActiveCfg = Debug|Any CPU - {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Release|Any CPU.Build.0 = Debug|Any CPU + {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Release|Any CPU.ActiveCfg = Release|Any CPU + {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Release|Any CPU.Build.0 = Release|Any CPU + {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Release|Any CPU.ActiveCfg = Release|Any CPU + {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE From f1d9dcb742a4cb6e6794b3a6ebf920f832bc679e Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Mon, 16 Dec 2024 13:19:40 -0500 Subject: [PATCH 18/18] Update --- DataPower/RequestManager.cs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/DataPower/RequestManager.cs b/DataPower/RequestManager.cs index df95fa9..3fcf12b 100644 --- a/DataPower/RequestManager.cs +++ b/DataPower/RequestManager.cs 
@@ -535,7 +535,7 @@ public JobResult AddPubCert(ManagementJobConfiguration addPubConfig, CertStoreIn //If you have a password then you will get a PFX in return instead of the base64 encoded string if (!string.IsNullOrEmpty(addPubConfig.JobCertificate?.PrivateKeyPassword)) { - _logger.LogTrace($"Has PFX Password {addPubConfig.JobCertificate?.PrivateKeyPassword}"); + _logger.LogTrace($"Has PFX Password"); using var ms = new MemoryStream(certData); store = new Pkcs12Store(ms, addPubConfig.JobCertificate?.PrivateKeyPassword.ToCharArray()); var storeAlias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); @@ -600,7 +600,7 @@ private JobResult RemoveCertFromDomain(ManagementJobConfiguration removeConfig, _logger.LogTrace( $"Entering RemoveCertStore for Domain: {ci.Domain} and Certificate Store: {ci.CertificateStore}"); _logger.LogTrace( - $"Creating API Client Created with user: {ServerUserName} password: {ServerPassword} protocol: {_protocol} ClientMachine: {removeConfig.CertificateStoreDetails.ClientMachine.Trim()} Domain: {ci.Domain}"); + $"Creating API Client Created with user: {ServerUserName} protocol: {_protocol} ClientMachine: {removeConfig.CertificateStoreDetails.ClientMachine.Trim()} Domain: {ci.Domain}"); var apiClient = new DataPowerClient(ServerUserName, ServerPassword, $"{_protocol}://" + removeConfig.CertificateStoreDetails.ClientMachine.Trim(), ci.Domain); _logger.LogTrace("API Client Created!"); 
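Review bot: The replacement trace call in AddPubCert, `_logger.LogTrace($"Has PFX Password");`, keeps the `$` prefix although the string no longer contains a placeholder. A plain literal, `_logger.LogTrace("Has PFX Password");`, logs the same text and makes it obvious on a later read that nothing secret is formatted into the message. The same applies to `$"Has Password"` in the AddCertStore hunk at -808. AddPubCert's body starts and ends outside this hunk.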
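Review bot: The base URL handed to `DataPowerClient` in RemoveCertFromDomain is built from `_protocol`, and no check that it is `https` is visible in this hunk, so the password just removed from the trace line could still be sent in clear text if a store is configured with `http`. The function continues outside the hunk and the store properties are parsed in code not shown, so this may already be validated elsewhere. If it is not, a guard before the client is created would close it, e.g. `if (!string.Equals(_protocol, "https", StringComparison.OrdinalIgnoreCase)) throw new InvalidOperationException("DataPower API access requires https");`, or a failed JobResult in whatever style the method already uses. The AddCertStore hunk at -792 constructs the client the same way.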
@@ -792,7 +792,7 @@ private JobResult AddCertStore(ManagementJobConfiguration addConfig, CertStoreIn _logger.LogTrace( $"Entering AddCertStore for Domain: {ci.Domain} and Certificate Store: {ci.CertificateStore}"); _logger.LogTrace( - $"Creating API Client Created with user: {ServerUserName} password: {ServerPassword} protocol: {_protocol} ClientMachine: {addConfig.CertificateStoreDetails.ClientMachine.Trim()} Domain: {ci.Domain}"); + $"Creating API Client Created with user: {ServerUserName} protocol: {_protocol} ClientMachine: {addConfig.CertificateStoreDetails.ClientMachine.Trim()} Domain: {ci.Domain}"); var apiClient = new DataPowerClient(ServerUserName, ServerPassword, $"{_protocol}://" + addConfig.CertificateStoreDetails.ClientMachine.Trim(), ci.Domain); @@ -808,7 +808,7 @@ private JobResult AddCertStore(ManagementJobConfiguration addConfig, CertStoreIn { if (!string.IsNullOrEmpty(addConfig.JobCertificate.PrivateKeyPassword)) { - _logger.LogTrace($"Has Password: {addConfig.JobCertificate.PrivateKeyPassword}"); + _logger.LogTrace($"Has Password"); var certPem = GetCertPem(addConfig, alias, ref privateKeyString); _logger.LogTrace($"certPem: {certPem}"); var baseAlias = alias.ToLower();
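Review bot: Two lines below the cleaned-up password message in AddCertStore, `_logger.LogTrace($"certPem: {certPem}");` still writes the output of `GetCertPem` to the log, and that helper also fills `privateKeyString` by reference. It is worth confirming that `certPem` only ever holds the certificate and never key material; if that cannot be guaranteed, log a non-sensitive summary instead, for example `_logger.LogTrace($"certPem length: {certPem?.Length}");`. Since the removed lines wrote the private key password and the API password to trace output, a changelog entry telling operators to purge existing trace logs and rotate those credentials would be a useful addition. The enclosing block continues outside the hunk.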