client cert enroll support

digicert-certcentral-cagateway/API/OrderCertificate.cs

@@ -31,6 +31,9 @@ public class CertificateRequest
 		[JsonProperty("dns_names")]
 		public List<string> DNSNames { get; set; }
 
+		[JsonProperty("emails")]
+		public List<string> Emails { get; set; }
+
 		[JsonProperty("csr")]
 		public string CSR { get; set; }
 

digicert-certcentral-cagateway/Constants.cs

@@ -25,6 +25,7 @@ public class Config
 			public const string DIVISION_ID = "DivisionId";
 			public const string LIFETIME = "LifetimeDays";
 			public const string CA_CERT_ID = "CACertId";
+			public const string CERT_TYPE = "CertType";
 		}
 
 		public class RequestAttributes

digicert-certcentral-cagateway/DigiCertCAConnector.cs

@@ -97,6 +97,13 @@ public override EnrollmentResult Enroll(ICertificateDataReader certificateDataRe
 			CertCentralCertType certType = (CertCentralCertType)CertCentralCertType.GetAllTypes(Config).FirstOrDefault(x => x.ProductCode.Equals(productInfo.ProductID));
 			OrderRequest orderRequest = new OrderRequest(certType);
 
+			string typeOfCert = (productInfo.ProductParameters.ContainsKey(DigiCertConstants.Config.CERT_TYPE)) ? productInfo.ProductParameters[DigiCertConstants.Config.CERT_TYPE].ToLower() : "ssl";
+
+			if (!(typeOfCert.Equals("ssl") || typeOfCert.Equals("client")))
+			{
+				throw new Exception("Invalid Cert Type specified. Valid options are 'ssl' or 'client'");
+			}
+
 			var days = (productInfo.ProductParameters.ContainsKey("LifetimeDays")) ? int.Parse(productInfo.ProductParameters["LifetimeDays"]) : 365;
 			// Determining if this is a yearly validity or a specific date
 			int validityYears = 0;
@@ -115,10 +122,15 @@ public override EnrollmentResult Enroll(ICertificateDataReader certificateDataRe
 			}
 
 			List<string> dnsNames = new List<string>();
+			List<string> emails = new List<string>();
 			if (san.ContainsKey("Dns"))
 			{
 				dnsNames = new List<string>(san["Dns"]);
 			}
+			if (san.ContainsKey("Email"))
+			{
+				emails = new List<string>(san["Email"]);
+			}
 
 			// Parse subject
 			X509Name subjectParsed = null;
@@ -134,13 +146,24 @@ public override EnrollmentResult Enroll(ICertificateDataReader certificateDataRe
 
 			if (commonName == null)
 			{
-				if (dnsNames.Count > 0)
+				if (typeOfCert.Equals("ssl") && dnsNames.Count > 0)
 				{
 					commonName = dnsNames[0];
 				}
+				else if (typeOfCert.Equals("client") && emails.Count > 0)
+				{
+					commonName = emails[0];
+				}
 				else
 				{
-					throw new Exception("No Common Name or DNS SAN provided, unable to enroll");
+					throw new Exception("No Common Name or SAN provided, unable to enroll");
+				}
+			}
+			else
+			{
+				if (typeOfCert.Equals("client") && emails.Count == 0)
+				{
+					emails.Add(commonName);
 				}
 			}
 
@@ -204,7 +227,14 @@ public override EnrollmentResult Enroll(ICertificateDataReader certificateDataRe
 			orderRequest.Certificate.CommonName = commonName;
 			orderRequest.Certificate.CSR = csr;
 			orderRequest.Certificate.SignatureHash = signatureHash;
-			orderRequest.Certificate.DNSNames = dnsNames;
+			if (typeOfCert.Equals("ssl"))
+			{
+				orderRequest.Certificate.DNSNames = dnsNames;
+			}
+			else if (typeOfCert.Equals("client"))
+			{
+				orderRequest.Certificate.Emails = emails;
+			}
 			orderRequest.Certificate.CACertID = cacertid;
 			orderRequest.SetOrganization(organizationId);
 			if (!string.IsNullOrEmpty(orgUnit))
@@ -912,6 +942,12 @@ public Dictionary<string, PropertyConfigInfo> GetTemplateParameterAnnotations()
 					Comments = "OPTIONAL: ID of issuing CA to use by DigiCert. If not provided, the default for your account will be used.",
 					Hidden = false,
 					DefaultValue = ""
+				},
+				[DigiCertConstants.Config.CERT_TYPE] = new PropertyConfigInfo()
+				{
+					Comments = "OPTIONAL: Type of cert to request. Valid values: ssl, client. If not specified, defaults to 'ssl'.",
+					Hidden = false,
+					DefaultValue = "ssl"
 				}
 			};
 		}