update

_NDGOV_WindowsTeam/ITD.Infra-Certificate-External.Sectigo/README.md

@@ -0,0 +1,122 @@
+# ITD.Infra-Certificate-Internal.Sectigo
+
+### Written by: Freeman Peterson fjpeterson@nd.gov
+
+# Description
+This module is used to interact Sectigo API
+
+## Prerequisites
+None
+
+# Api Documentation
+https://www.sectigo.com/knowledge-base/detail/Sectigo-Certificate-Manager-SCM-REST-API/kA01N000000XDkE
+
+# Git repo
+https://dev.azure.com/ndgov/NDIT-WindowsServerTeam/_git/ITD.Infra-Certificate-Internal.Sectigo
+
+# Install
+
+### Add Gallary
+```
+ Register-PSRepository -Name ITD_PwshGallery `
+    -SourceLocation "https://powershell.nd.gov/ITD_PwshGallery/nuget/" `
+    -PublishLocation "https://powershell.nd.gov/ITD_PwshGallery/nuget/" `
+    -InstallationPolicy Trusted
+```
+
+### Install Module
+```
+Find-Module -Repository ITD_PwshGallery -Name ITD.Infra-Certificate-Internal.Sectigo|Install-Module -Scope CurrentUser
+```
+
+### Validate Module installed
+```
+Get-Command -Module ITD.Infra-Certificate-Internal.Sectigo
+```
+### Update Module
+```
+Find-Module -Repository ITD_PwshGallery -Name ITD.Infra-Certificate-Internal.Sectigo|Update-Module
+```
+
+# Examples and Information
+
+### Obtaining CSR From File
+```
+$csr = (Get-Content -Path "c:\temp\hostname.csr" -Raw)
+```
+
+### Get Token Prompt for Creds
+```
+$env:Sectigoclientid='b16d95fd-405f-4d41-a748-c1035916a359'
+$env:SectigoclientSecret=redacted
+
+Get-SectigoApiToken
+```
+
+
+### Test Cert Request
+```
+Test-SectigoCertificateRequest -FilePath $csrpath
+```
+
+### Enroll the CSR
+```
+$certRequest = Enroll-SectigoCertificateRequest -Csr $csr -dcvEmail 'youremail@nd.gov" #-Comment "app123"
+```
+
+### Get Cert Status
+```
+Get-SectigoCertificate -Orderid $certRequest.sslid
+```
+
+### Wait for approval
+```
+while ($certstatus -ne "Issued") {
+  $certstatus=(Get-SectigoCertificate -OrderId $certRequest.sslid).status
+  Sleep 1
+}
+```
+
+### Download Cert
+```
+$CertPath = (Download-SectigoCertificate -Orderid $certRequest.sslid -Format "pem").FullName
+```
+
+Default Format: Pem
+ 'x509' - for Certificate (w/ chain) PEM encoded
+ 'x509CO' - for Certificate only, PEM encoded
+ 'base64' - for PKCS#7, PEM encoded
+ 'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded
+ 'x509IOR' - for Intermediate(s)/Root only, PEM encoded
+ 'pem' - for Certificate (w/ chain), PEM encoded
+ 'pemco' - for Certificate only, PEM encoded
+ 'pemia' - for Certificate (w/ issuer after), PEM encoded
+ 'x509R' - for Certificate (w/ chain), PEM encoded
+  base64
+
+###  Add it to a cert store
+As administrator:
+```
+  Import-Certificate -FilePath "C:\Certs\cert_OrderNumber.pem" -CertStoreLocation Cert:\LocalMachine\My
+```
+
+# Other functions
+
+### Revoke
+```
+Revoke-SectigoCertificate -reasonCode 4 -reason "Just a test" -Orderid 11012388
+```
+No results will be given back to you.
+
+*If you revoke a cert you will no longer see them in Get-SectigoCertificate
+Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5))
+
+### Org Lookup
+```
+Get-SectigoOrg
+```
+
+### Certificate Types
+```
+Get-SectigoCertificateTypes
+```