Keyfactor · spbsoluble · Oct 15, 2025 · Sep 30, 2025 · Sep 30, 2025 · Sep 30, 2025
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,6 @@
+- 1.1.0
+    - Enabled Flag For Gateway
+    - Dual Build Support
+- 1.0.0
+    - Conversion to REST Framework
+
diff --git a/README.md b/README.md
@@ -146,13 +146,16 @@ Enrollment Format Specifications Located [here](https://pki-ws-rest.symauth.com/
 
 2. On the server hosting the AnyCA Gateway REST, download and unzip the latest [Digicert Mpki   Gateway AnyCA Gateway REST plugin](https://github.com/Keyfactor/digicert-mpki-caplugin/releases/latest) from GitHub.
 
-3. Copy the unzipped directory (usually called `net6.0`) to the Extensions directory:
+3. Copy the unzipped directory (usually called `net6.0` or `net8.0`) to the Extensions directory:
+
 
     ```shell
+    Depending on your AnyCA Gateway REST version, copy the unzipped directory to one of the following locations:
     Program Files\Keyfactor\AnyCA Gateway\AnyGatewayREST\net6.0\Extensions
+    Program Files\Keyfactor\AnyCA Gateway\AnyGatewayREST\net8.0\Extensions
     ```
 
-    > The directory containing the Digicert Mpki   Gateway AnyCA Gateway REST plugin DLLs (`net6.0`) can be named anything, as long as it is unique within the `Extensions` directory.
+    > The directory containing the Digicert Mpki   Gateway AnyCA Gateway REST plugin DLLs (`net6.0` or `net8.0`) can be named anything, as long as it is unique within the `Extensions` directory.
 
 4. Restart the AnyCA Gateway REST service.
 
@@ -175,6 +178,7 @@ Enrollment Format Specifications Located [here](https://pki-ws-rest.symauth.com/
         * **ClientCertLocation** - Location on the Gateway Server File System of Client Certificate sample: C:\temp\myclientcert.pfx 
         * **ClientCertPassword** - Password for the SOAP Client Certificate. 
         * **EndpointAddress** - Endpoint address for SOAP Service sample: https://someurl/pki-ws/certificateManagementService. 
+        * **Enabled** - Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available. 
 
 2. TODO Certificate Template Creation Step is a required section
 

diff --git a/digicert-mpki-caplugin/Constants.cs b/digicert-mpki-caplugin/Constants.cs
@@ -1,4 +1,4 @@
-namespace Keyfactor.Extensions.CAPlugin.DigicertMpki
+namespace Keyfactor.Extensions.CAPlugin.DigicertMpki
 {
 	public class Constants
 	{
@@ -13,5 +13,6 @@ public class Constants
         public static string EmailConstName = "EmailConstName";
         public static string UpnConstName = "UpnConstName";
         public static string OuStartPoint = "OuStartPoint";
+        public static string Enabled = "Enabled";
     }
 }
diff --git a/digicert-mpki-caplugin/DigicertMpkiCAPlugin.cs b/digicert-mpki-caplugin/DigicertMpkiCAPlugin.cs
@@ -1,4 +1,4 @@
-using DigicertMpkiSoap;
+using DigicertMpkiSoap;
 using Keyfactor.AnyGateway.DigicertMpki;
 using Keyfactor.AnyGateway.DigicertMpki.Client.Models;
 using Keyfactor.AnyGateway.Extensions;
@@ -43,6 +43,13 @@
             _config = DeserializeConfig(configProvider.CAConnectionData);
             _logger.MethodEntry();
 
+            if (!_config.Enabled)
+            {
+                _logger.LogWarning($"The CA is currently in the Disabled state. It must be Enabled to perform operations.");
+                _logger.MethodExit(LogLevel.Trace);
+                return;
+            }
+
             _requestManager = new RequestManager(_logger, _config);
             _client = new DigiCertSymClient(_config, _logger);
 
@@ -106,7 +113,7 @@
            }
        }

        private async Task ProcessProductModel(string productModel, BlockingCollection<AnyCAPluginCertificate> blockingBuffer, CancellationToken cancelToken)
        {
            int pageCounter = 0;
            const int pageSize = 50;
@@ -293,10 +300,23 @@
            StatusMessage = $"Enrollment Failed: {errorMessage}"
        };

        public async Task Ping() => _logger.LogTrace("Ping successful.");
 
         public async Task ValidateCAConnectionInfo(Dictionary<string, object> connectionInfo)
         {
+            try
+            {
+                if (!(bool)connectionInfo[Constants.Enabled])
-                if (!(bool)connectionInfo[Constants.Enabled])
+                if (connectionInfo.TryGetValue(Constants.Enabled, out var enabledValue) && enabledValue is bool enabled && !enabled)
-                if (!(bool)connectionInfo[Constants.Enabled])
+                if (connectionInfo.TryGetValue(Constants.Enabled, out var enabledValue) && enabledValue is bool enabled && !enabled)
+                {
+                    _logger.LogWarning($"The CA is currently in the Disabled state. It must be Enabled to perform operations. Skipping validation...");
-                if (!(bool)connectionInfo[Constants.Enabled])
-                {
-                    _logger.LogWarning($"The CA is currently in the Disabled state. It must be Enabled to perform operations. Skipping validation...");
+                if (!connectionInfo.TryGetValue(Constants.Enabled, out object enabledObj) || !(enabledObj is bool enabled) || !enabled)
+                {
+                    _logger.LogWarning($"The CA is currently in the Disabled state or the Enabled flag is missing/invalid. It must be Enabled to perform operations. Skipping validation...");
-                if (!(bool)connectionInfo[Constants.Enabled])
-                {
-                    _logger.LogWarning($"The CA is currently in the Disabled state. It must be Enabled to perform operations. Skipping validation...");
+                if (!connectionInfo.TryGetValue(Constants.Enabled, out object enabledObj) || !(enabledObj is bool enabled) || !enabled)
+                {
+                    _logger.LogWarning($"The CA is currently in the Disabled state or the Enabled flag is missing/invalid. It must be Enabled to perform operations. Skipping validation...");
+                    _logger.MethodExit(LogLevel.Trace);
+                    return;
+                }
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
-                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                throw;
-                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                return;
-                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                throw;
-                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                _logger.LogError($"Exception: {LogHandler.FlattenException(ex)}");
+                return;
+            }
             List<string> errors = ValidateConnectionInfo(connectionInfo);
             if (errors.Any())
                 ThrowValidationException(errors);
@@ -372,6 +392,13 @@
                     Hidden = false,
                     DefaultValue = "",
                     Type = "String"
+                },
+                [Constants.Enabled] = new PropertyConfigInfo()
+                {
+                    Comments = "Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available.",
+                    Hidden = false,
+                    DefaultValue = true,
+                    Type = "Boolean"
                 }
             };
         }

diff --git a/digicert-mpki-caplugin/DigicertMpkiConfig.cs b/digicert-mpki-caplugin/DigicertMpkiConfig.cs
@@ -1,4 +1,4 @@
-namespace Keyfactor.Extensions.CAPlugin.DigicertMpki
+namespace Keyfactor.Extensions.CAPlugin.DigicertMpki
 {
     public class DigicertMpkiConfig
     {
@@ -17,5 +17,6 @@ public DigicertMpkiConfig()
         public string EmailConstName { get; set; }
         public string UpnConstName { get; set; }
         public int OuStartPoint { get; set; }
+        public bool Enabled { get; set; } = true;
     }
 }
diff --git a/digicert-mpki-caplugin/digicert-mpki-caplugin.csproj b/digicert-mpki-caplugin/digicert-mpki-caplugin.csproj
@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFrameworks>net6.0;net8.0</TargetFrameworks>
     <RootNamespace>Keyfactor.Extensions.CAPlugin.DigicertMpki</RootNamespace>
     <ImplicitUsings>disable</ImplicitUsings>
     <Nullable>disable</Nullable>

diff --git a/integration-manifest.json b/integration-manifest.json
@@ -1,5 +1,5 @@
 {
-    "$schema": "https://keyfactor.github.io/integration-manifest-schema.json",
+    "$schema": "https://keyfactor.github.io/v2/integration-manifest-schema.json",
     "integration_type": "anyca-plugin",
     "name": "Digicert Mpki AnyCA REST Gateway Plugin",
     "status": "pilot",
@@ -8,7 +8,8 @@
     "update_catalog": true,
     "description": "Digicert Mpki plugin for the AnyCA REST Gateway framework",
     "gateway_framework": "24.2.0",
-    "release_dir": "digicert-mpki-caplugin/bin/Release/net6.0",
+    "release_dir": "digicert-mpki-caplugin/bin/Release",
+    "release_project": "digicert-mpki-caplugin/digicert-mpki-caplugin.csproj",
     "about": {
         "carest": {
             "ca_plugin_config": [
@@ -31,6 +32,10 @@
                 {
                     "name": "EndpointAddress",
                     "description": "Endpoint address for SOAP Service sample: https://someurl/pki-ws/certificateManagementService."
+                },
+                {
+                    "name": "Enabled",
+                    "description": "Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available."
                 }
             ],
             "enrollment_config": [],