Build a Client Certificate Renewal Extension

The functionality to renew the certificate used by the Keyfactor Universal Orchestrator The Keyfactor Universal Orchestrator, one of Keyfactor's suite of orchestrators, is used to interact with servers and devices for certificate management, run SSL discovery and management tasks, and manage synchronization of certificate authorities in remote forests. With the addition of custom extensions, it can provide certificate management capabilities on a variety of platforms and devices (e.g. Amazon Web Services (AWS) resources, Citrix\NetScaler devices, F5 devices, IIS stores, JKS keystores, PEM stores, and PKCS#12 stores) and execute tasks outside the standard list of certificate management functions. It runs on either Windows or Linux servers or Linux containers. for authentication is available via an extension point interface provided by Keyfactor. To implement a custom extension, you will need to obtain the Keyfactor.Orchestrators.IOrchestratorRegistrationUpdater nuget package from Keyfactor. Contact your Client Success Manager or support@keyfactor.com for assistance with that.

To build a client certificate renewal extension:

1. Create a project for the extension in your favorite integrated development environment (e.g. Visual Studio).
2. Import the Keyfactor.Orchestrators.IOrchestratorRegistrationUpdater nuget package into the project.

3. Consult the sample code to help you design your extension. A sample extension for the client authentication registration updater interface is provided on the Keyfactor GitHub:

   https://keyfactor.github.io/
4. Build an assembly file (DLL file) containing the extension.
5. Follow the instructions for registering the extension (see Register a Client Certificate Renewal Extension).