From d640f7fd8c1de9e81f35dfefb3afe6a6e7de5638 Mon Sep 17 00:00:00 2001
From: Brian Hill <bhill@keyfactor.com>
Date: Tue, 11 Jan 2022 13:03:34 -0500
Subject: [PATCH 1/4] Fixed Inventory to Work With SOAP API

---
 .../Client/DigiCertSymClient.cs               |  119 +-
 ...teCertificateStatusResponseType.datasource |   10 +
 ...tKeyRecoveryResponseMessageType.datasource |   10 +
 ...P.SearchCertificateResponseType.datasource |   10 +
 ...teCertificateStatusResponseType.datasource |   10 +
 ...UpdateCertificateStatusResponse.datasource |   10 +
 ...ertMPKISOAP.keyRecoveryResponse.datasource |   10 +
 ...ertMPKISOAP.printMyBeanResponse.datasource |   10 +
 ...ISOAP.searchCertificateResponse.datasource |   10 +
 ...updateCertificateStatusResponse.datasource |   10 +
 .../DigicertMPKISOAP/Reference.cs             | 1909 +++++++++++++++++
 .../DigicertMPKISOAP/Reference.svcmap         |   32 +
 .../certificateManagementService.wsdl         |  109 +
 .../certificateManagementService.xsd          |  165 ++
 .../DigicertMPKISOAP/configuration.svcinfo    |   11 +
 .../DigicertMPKISOAP/configuration91.svcinfo  |  310 +++
 DigiCertSymCaProxy/Constants.cs               |    4 +-
 DigiCertSymCaProxy/DigiCertSymProxy.cs        |   42 +-
 DigiCertSymCaProxy/DigiCertSymProxy.csproj    |   58 +-
 .../Interfaces/IDigiCertSymClient.cs          |    3 +-
 DigiCertSymCaProxy/RequestManager.cs          |   53 +-
 DigiCertSymCaProxy/app.config                 |   16 +
 22 files changed, 2836 insertions(+), 85 deletions(-)
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo
 create mode 100644 DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo

diff --git a/DigiCertSymCaProxy/Client/DigiCertSymClient.cs b/DigiCertSymCaProxy/Client/DigiCertSymClient.cs
index b7a5e9b..a0b8111 100644
--- a/DigiCertSymCaProxy/Client/DigiCertSymClient.cs
+++ b/DigiCertSymCaProxy/Client/DigiCertSymClient.cs
@@ -1,14 +1,19 @@
 using System;
 using System.Collections.Concurrent;
+using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
 using System.Net.Http.Headers;
+using System.Security.Cryptography.X509Certificates;
+using System.ServiceModel;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
-using CAProxy.AnyGateway.Interfaces;
+using CAProxy.AnyGateway;
+using CAProxy.AnyGateway.Models.Configuration;
 using CSS.Common.Logging;
 using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
+using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
 using Keyfactor.AnyGateway.DigiCertSym.Exceptions;
 using Keyfactor.AnyGateway.DigiCertSym.Interfaces;
 using Newtonsoft.Json;
@@ -17,15 +22,19 @@ namespace Keyfactor.AnyGateway.DigiCertSym.Client
 {
     public sealed class DigiCertSymClient : LoggingClientBase, IDigiCertSymClient
     {
-        public DigiCertSymClient(ICAConnectorConfigProvider config)
+        public DigiCertSymClient(CAConfig config)
         {
-            if (config.CAConnectionData.ContainsKey(Constants.DigiCertSymApiKey))
-            {
+            if (config.Config.CAConnection.ContainsKey(Constants.DigiCertSymApiKey))
                 try
                 {
-                    BaseUrl = new Uri(config.CAConnectionData[Constants.DigiCertSymUrl].ToString());
-                    ApiKey = config.CAConnectionData[Constants.DigiCertSymApiKey].ToString();
-                    SeatList = config.CAConnectionData[Constants.SeatList].ToString();
+                    BaseUrl = new Uri(config.Config.CAConnection[Constants.DigiCertSymUrl].ToString());
+                    ApiKey = config.Config.CAConnection[Constants.DigiCertSymApiKey].ToString();
+                    Templates = config.Config.Templates;
+                    ClientCertificateLocation =
+                        config.Config.CAConnection[Constants.ClientCertificateLocation].ToString();
+                    ClientCertificatePassword =
+                        config.Config.CAConnection[Constants.ClientCertificatePassword].ToString();
+                    EndPointAddress = config.Config.CAConnection[Constants.EndpointAddress].ToString();
                     RestClient = ConfigureRestClient();
                 }
                 catch (Exception e)
@@ -33,13 +42,15 @@ public DigiCertSymClient(ICAConnectorConfigProvider config)
                     Logger.Error($"DigiCertSymClient Constructor Error Occurred: {e.Message}");
                     throw;
                 }
-            }
         }
 
         private Uri BaseUrl { get; }
         private HttpClient RestClient { get; }
         private string ApiKey { get; }
-        private string SeatList { get; }
+        private Dictionary<string, ProductModel> Templates { get; }
+        private string EndPointAddress { get; }
+        private string ClientCertificateLocation { get; }
+        private string ClientCertificatePassword { get; }
         private int PageSize { get; } = 50;
 
 
@@ -178,78 +189,70 @@ public async Task<GetCertificateResponse> SubmitGetCertificateAsync(string seria
             }
         }
 
-        public async Task SubmitQueryOrderRequestAsync(BlockingCollection<ICertificateDetails> bc, CancellationToken ct,
-    RequestManager requestManager)
+        public async Task SubmitQueryOrderRequestAsync(BlockingCollection<CertificateSearchResultType> bc,
+            CancellationToken ct,
+            RequestManager requestManager)
         {
             Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
             try
             {
                 var itemsProcessed = 0;
                 var isComplete = false;
-                var retryCount = 0;
 
-                foreach (var seat in SeatList.Split(','))
-                {
-                    Logger.Trace($"Processing SeatId {seat}");
-                    var pageCounter = 1;
+                foreach (var template in Templates.Values)
+                {
+                    Logger.Trace($"Processing Template {template.ProductID}");
+                    var pageCounter = 0;
                     do
                     {
                         var queryOrderRequest =
-                            requestManager.GetSearchCertificatesRequest(pageCounter, seat);
+                            requestManager.GetSearchCertificatesRequest(pageCounter, template.ProductID);
                         var batchItemsProcessed = 0;
-                        using (var resp = await RestClient.PostAsync("/mpki/api/v1/searchcert", new StringContent(
-                            JsonConvert.SerializeObject(queryOrderRequest), Encoding.ASCII, "application/json"), ct))
-                        {
 
-                            if (!resp.IsSuccessStatusCode)
-                            {
-                                var responseMessage = resp.Content.ReadAsStringAsync().Result;
-                                Logger.Trace($"Raw error response {responseMessage}");
+                        var bind = new BasicHttpsBinding();
+                        bind.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
+                        var ep = new EndpointAddress(EndPointAddress);
+                        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11;
+                        var client = new CertificateManagementOperationsClient(bind, ep);
+                        var cert = new X509Certificate2(ClientCertificateLocation, ClientCertificatePassword);
+                        if (client.ClientCredentials != null)
+                            client.ClientCredentials.ClientCertificate.Certificate = cert;
 
-                                //igngore missing Certificate in search 404 errors
-                                if (!responseMessage.Contains("entity_not_found"))
-                                {
-                                    Logger.Error(
-                                        $"Failed Request to Digicert mPKI. Retrying request. Status Code {resp.StatusCode} | Message: {responseMessage}");
-                                    retryCount++;
-                                    if (retryCount > 5)
-                                        throw new RetryCountExceededException(
-                                            $"5 consecutive failures to {resp.RequestMessage.RequestUri}");
-                                }
-                                break; //Seat has no certs move on to the next seat
-                            }
 
-                            var response = JsonConvert.DeserializeObject<CertificateSearchResponse>(
-                                await resp.Content.ReadAsStringAsync());
+                        var resp = await client.searchCertificateAsync(queryOrderRequest);
+
+                        if (resp.searchCertificateResponse1.certificateCount == 0)
+                            break; //Profile has no certs move on to the next Profile
 
-                            var batchResponse = response.Certificates;
-                            var batchCount = batchResponse.Count;
+                        var batchResponse = resp.searchCertificateResponse1.certificateList;
+                        var batchCount = batchResponse.Length;
 
-                            Logger.Trace($"Processing {batchCount} items in batch");
-                            do
+                        Logger.Trace($"Processing {batchCount} items in batch");
+                        do
+                        {
+                            var r = batchResponse[batchItemsProcessed];
+                            if (bc.TryAdd(r, 10, ct))
+                            {
+                                Logger.Trace($"Added Certificate ID {r.serialNumber} to Queue for processing");
+                                batchItemsProcessed++;
+                                itemsProcessed++;
+                                Logger.Trace($"Processed {batchItemsProcessed} of {batchCount}");
+                                Logger.Trace($"Total Items Processed: {itemsProcessed}");
+                            }
+                            else
                             {
-                                var r = batchResponse[batchItemsProcessed];
-                                if (bc.TryAdd(r, 10, ct))
-                                {
-                                    Logger.Trace($"Added Certificate ID {r.SerialNumber} to Queue for processing");
-                                    batchItemsProcessed++;
-                                    itemsProcessed++;
-                                    Logger.Trace($"Processed {batchItemsProcessed} of {batchCount}");
-                                    Logger.Trace($"Total Items Processed: {itemsProcessed}");
-                                }
-                                else
-                                {
-                                    Logger.Trace($"Adding {r} blocked. Retry");
-                                }
-                            } while (batchItemsProcessed < batchCount); //batch loop
-                        }
+                                Logger.Trace($"Adding {r} blocked. Retry");
+                            }
+                        } while (batchItemsProcessed < batchCount); //batch loop
+
 
                         //assume that if we process less records than requested that we have reached the end of the certificate list
                         if (batchItemsProcessed < PageSize)
-                            isComplete = true;
+                            isComplete = true;
                         pageCounter = pageCounter + PageSize;
                     } while (!isComplete); //page loop
                 }
+
                 bc.CompleteAdding();
             }
             catch (OperationCanceledException cancelEx)
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource
new file mode 100644
index 0000000..445ac7a
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="BulkUpdateCertificateStatusResponseType" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource
new file mode 100644
index 0000000..750daa3
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="RequestKeyRecoveryResponseMessageType" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource
new file mode 100644
index 0000000..541b61d
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="SearchCertificateResponseType" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource
new file mode 100644
index 0000000..89f89f5
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="UpdateCertificateStatusResponseType" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource
new file mode 100644
index 0000000..eb8bb32
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="bulkUpdateCertificateStatusResponse" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource
new file mode 100644
index 0000000..538ee8e
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="keyRecoveryResponse" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource
new file mode 100644
index 0000000..e4903d5
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="printMyBeanResponse" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource
new file mode 100644
index 0000000..b1afe2e
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="searchCertificateResponse" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource
new file mode 100644
index 0000000..d31541c
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource	
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    This file is automatically generated by Visual Studio .Net. It is 
+    used to store generic object data source configuration information.  
+    Renaming the file extension or editing the content of this file may   
+    cause the file to be unrecognizable by the program.
+-->
+<GenericObjectDataSource DisplayName="updateCertificateStatusResponse" Version="1.0" xmlns="urn:schemas-microsoft-com:xml-msdatasource">
+   <TypeInfo>Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse, Connected Services.DigicertMPKISOAP.Reference.cs.dll, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</TypeInfo>
+</GenericObjectDataSource>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs
new file mode 100644
index 0000000..74bfb1e
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.cs	
@@ -0,0 +1,1909 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//     Runtime Version:4.0.30319.42000
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated.
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP {
+    
+    
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ServiceModel.ServiceContractAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", ConfigurationName="DigicertMPKISOAP.CertificateManagementOperations")]
+    public interface CertificateManagementOperations {
+        
+        // CODEGEN: Generating message contract since the operation bulkUpdateCertificateStatus is neither RPC nor document wrapped.
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/bulkUpdateCertificateS" +
+            "tatus", ReplyAction="*")]
+        [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse bulkUpdateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request);
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/bulkUpdateCertificateS" +
+            "tatus", ReplyAction="*")]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse> bulkUpdateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request);
+        
+        // CODEGEN: Generating message contract since the operation updateCertificateStatus is neither RPC nor document wrapped.
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/updateCertificateStatu" +
+            "s", ReplyAction="*")]
+        [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse updateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request);
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/updateCertificateStatu" +
+            "s", ReplyAction="*")]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse> updateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request);
+        
+        // CODEGEN: Generating message contract since the operation searchCertificate is neither RPC nor document wrapped.
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/searchCertificate", ReplyAction="*")]
+        [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse searchCertificate(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request);
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/searchCertificate", ReplyAction="*")]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse> searchCertificateAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request);
+        
+        // CODEGEN: Generating message contract since the operation keyRecovery is neither RPC nor document wrapped.
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/keyRecovery", ReplyAction="*")]
+        [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse keyRecovery(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request);
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://schemas.verisign.com/pkiservices/2009/07/management/keyRecovery", ReplyAction="*")]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse> keyRecoveryAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request);
+        
+        // CODEGEN: Generating message contract since the operation printMyBean is neither RPC nor document wrapped.
+        [System.ServiceModel.OperationContractAttribute(Action="", ReplyAction="*")]
+        [System.ServiceModel.XmlSerializerFormatAttribute(SupportFaults=true)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse printMyBean(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request);
+        
+        [System.ServiceModel.OperationContractAttribute(Action="", ReplyAction="*")]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse> printMyBeanAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request);
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class BulkUpdateCertificateStatusRequestType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string versionField;
+        
+        private RevokeReasonCodeEnum revocationReasonField;
+        
+        private bool revocationReasonFieldSpecified;
+        
+        private string commentField;
+        
+        private string[] certificateSerialNumberField;
+        
+        private string[] seatIdField;
+        
+        private string[] profileOIDField;
+        
+        private OperationTypeEnum operationTypeField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public RevokeReasonCodeEnum revocationReason {
+            get {
+                return this.revocationReasonField;
+            }
+            set {
+                this.revocationReasonField = value;
+                this.RaisePropertyChanged("revocationReason");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool revocationReasonSpecified {
+            get {
+                return this.revocationReasonFieldSpecified;
+            }
+            set {
+                this.revocationReasonFieldSpecified = value;
+                this.RaisePropertyChanged("revocationReasonSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public string comment {
+            get {
+                return this.commentField;
+            }
+            set {
+                this.commentField = value;
+                this.RaisePropertyChanged("comment");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute("certificateSerialNumber", IsNullable=true, Order=4)]
+        public string[] certificateSerialNumber {
+            get {
+                return this.certificateSerialNumberField;
+            }
+            set {
+                this.certificateSerialNumberField = value;
+                this.RaisePropertyChanged("certificateSerialNumber");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute("seatId", IsNullable=true, Order=5)]
+        public string[] seatId {
+            get {
+                return this.seatIdField;
+            }
+            set {
+                this.seatIdField = value;
+                this.RaisePropertyChanged("seatId");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute("profileOID", IsNullable=true, Order=6)]
+        public string[] profileOID {
+            get {
+                return this.profileOIDField;
+            }
+            set {
+                this.profileOIDField = value;
+                this.RaisePropertyChanged("profileOID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=7)]
+        public OperationTypeEnum operationType {
+            get {
+                return this.operationTypeField;
+            }
+            set {
+                this.operationTypeField = value;
+                this.RaisePropertyChanged("operationType");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=8)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public enum RevokeReasonCodeEnum {
+        
+        /// <remarks/>
+        Unspecified,
+        
+        /// <remarks/>
+        KeyCompromise,
+        
+        /// <remarks/>
+        CACompromise,
+        
+        /// <remarks/>
+        AffiliationChanged,
+        
+        /// <remarks/>
+        CessationOfOperation,
+        
+        /// <remarks/>
+        PrivilegeWithdrawn,
+        
+        /// <remarks/>
+        AACompromise,
+        
+        /// <remarks/>
+        Superseded,
+        
+        /// <remarks/>
+        CertificateHold,
+        
+        /// <remarks/>
+        RemoveFromCRL,
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public enum OperationTypeEnum {
+        
+        /// <remarks/>
+        Revoke,
+        
+        /// <remarks/>
+        Suspend,
+        
+        /// <remarks/>
+        Resume,
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class RequestKeyRecoveryResponseMessageType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string serverTransactionIDField;
+        
+        private int adminApprovalPendingCountField;
+        
+        private bool adminApprovalPendingCountFieldSpecified;
+        
+        private string pKCS12PasswordField;
+        
+        private string[] pKCS12MessageField;
+        
+        private string versionField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string serverTransactionID {
+            get {
+                return this.serverTransactionIDField;
+            }
+            set {
+                this.serverTransactionIDField = value;
+                this.RaisePropertyChanged("serverTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public int adminApprovalPendingCount {
+            get {
+                return this.adminApprovalPendingCountField;
+            }
+            set {
+                this.adminApprovalPendingCountField = value;
+                this.RaisePropertyChanged("adminApprovalPendingCount");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool adminApprovalPendingCountSpecified {
+            get {
+                return this.adminApprovalPendingCountFieldSpecified;
+            }
+            set {
+                this.adminApprovalPendingCountFieldSpecified = value;
+                this.RaisePropertyChanged("adminApprovalPendingCountSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public string pKCS12Password {
+            get {
+                return this.pKCS12PasswordField;
+            }
+            set {
+                this.pKCS12PasswordField = value;
+                this.RaisePropertyChanged("pKCS12Password");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute("pKCS12Message", Order=4)]
+        public string[] pKCS12Message {
+            get {
+                return this.pKCS12MessageField;
+            }
+            set {
+                this.pKCS12MessageField = value;
+                this.RaisePropertyChanged("pKCS12Message");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class RequestKeyRecoveryMessageType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string pKCS12PasswordField;
+        
+        private string certificateSerialNumberField;
+        
+        private string certificateIssuerField;
+        
+        private string adminIDField;
+        
+        private string versionField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string pKCS12Password {
+            get {
+                return this.pKCS12PasswordField;
+            }
+            set {
+                this.pKCS12PasswordField = value;
+                this.RaisePropertyChanged("pKCS12Password");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public string certificateSerialNumber {
+            get {
+                return this.certificateSerialNumberField;
+            }
+            set {
+                this.certificateSerialNumberField = value;
+                this.RaisePropertyChanged("certificateSerialNumber");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public string certificateIssuer {
+            get {
+                return this.certificateIssuerField;
+            }
+            set {
+                this.certificateIssuerField = value;
+                this.RaisePropertyChanged("certificateIssuer");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public string adminID {
+            get {
+                return this.adminIDField;
+            }
+            set {
+                this.adminIDField = value;
+                this.RaisePropertyChanged("adminID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class CertificateSearchResultType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private byte[] certificateField;
+        
+        private string seatIdField;
+        
+        private string commonNameField;
+        
+        private string accountIdField;
+        
+        private string profileOIDField;
+        
+        private string emailAddressField;
+        
+        private CertificateStatusEnum statusField;
+        
+        private long revokeAtField;
+        
+        private bool revokeAtFieldSpecified;
+        
+        private RevokeReasonCodeEnum revokeReasonField;
+        
+        private bool revokeReasonFieldSpecified;
+        
+        private long validFromField;
+        
+        private long validToField;
+        
+        private string serialNumberField;
+        
+        private bool isEscrowedField;
+        
+        private string enrollmentNotesField;
+        
+        private string revokeCommentsField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(DataType="base64Binary", Order=0)]
+        public byte[] certificate {
+            get {
+                return this.certificateField;
+            }
+            set {
+                this.certificateField = value;
+                this.RaisePropertyChanged("certificate");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string seatId {
+            get {
+                return this.seatIdField;
+            }
+            set {
+                this.seatIdField = value;
+                this.RaisePropertyChanged("seatId");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public string commonName {
+            get {
+                return this.commonNameField;
+            }
+            set {
+                this.commonNameField = value;
+                this.RaisePropertyChanged("commonName");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public string accountId {
+            get {
+                return this.accountIdField;
+            }
+            set {
+                this.accountIdField = value;
+                this.RaisePropertyChanged("accountId");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public string profileOID {
+            get {
+                return this.profileOIDField;
+            }
+            set {
+                this.profileOIDField = value;
+                this.RaisePropertyChanged("profileOID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(IsNullable=true, Order=5)]
+        public string emailAddress {
+            get {
+                return this.emailAddressField;
+            }
+            set {
+                this.emailAddressField = value;
+                this.RaisePropertyChanged("emailAddress");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=6)]
+        public CertificateStatusEnum status {
+            get {
+                return this.statusField;
+            }
+            set {
+                this.statusField = value;
+                this.RaisePropertyChanged("status");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=7)]
+        public long revokeAt {
+            get {
+                return this.revokeAtField;
+            }
+            set {
+                this.revokeAtField = value;
+                this.RaisePropertyChanged("revokeAt");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool revokeAtSpecified {
+            get {
+                return this.revokeAtFieldSpecified;
+            }
+            set {
+                this.revokeAtFieldSpecified = value;
+                this.RaisePropertyChanged("revokeAtSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=8)]
+        public RevokeReasonCodeEnum revokeReason {
+            get {
+                return this.revokeReasonField;
+            }
+            set {
+                this.revokeReasonField = value;
+                this.RaisePropertyChanged("revokeReason");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool revokeReasonSpecified {
+            get {
+                return this.revokeReasonFieldSpecified;
+            }
+            set {
+                this.revokeReasonFieldSpecified = value;
+                this.RaisePropertyChanged("revokeReasonSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=9)]
+        public long validFrom {
+            get {
+                return this.validFromField;
+            }
+            set {
+                this.validFromField = value;
+                this.RaisePropertyChanged("validFrom");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=10)]
+        public long validTo {
+            get {
+                return this.validToField;
+            }
+            set {
+                this.validToField = value;
+                this.RaisePropertyChanged("validTo");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=11)]
+        public string serialNumber {
+            get {
+                return this.serialNumberField;
+            }
+            set {
+                this.serialNumberField = value;
+                this.RaisePropertyChanged("serialNumber");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=12)]
+        public bool isEscrowed {
+            get {
+                return this.isEscrowedField;
+            }
+            set {
+                this.isEscrowedField = value;
+                this.RaisePropertyChanged("isEscrowed");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(IsNullable=true, Order=13)]
+        public string enrollmentNotes {
+            get {
+                return this.enrollmentNotesField;
+            }
+            set {
+                this.enrollmentNotesField = value;
+                this.RaisePropertyChanged("enrollmentNotes");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(IsNullable=true, Order=14)]
+        public string revokeComments {
+            get {
+                return this.revokeCommentsField;
+            }
+            set {
+                this.revokeCommentsField = value;
+                this.RaisePropertyChanged("revokeComments");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=15)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public enum CertificateStatusEnum {
+        
+        /// <remarks/>
+        VALID,
+        
+        /// <remarks/>
+        EXPIRED,
+        
+        /// <remarks/>
+        REVOKED,
+        
+        /// <remarks/>
+        SUSPENDED,
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class SearchCertificateResponseType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string serverTransactionIDField;
+        
+        private int certificateCountField;
+        
+        private CertificateSearchResultType[] certificateListField;
+        
+        private bool moreCertificateAvailableField;
+        
+        private bool moreCertificateAvailableFieldSpecified;
+        
+        private string versionField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string serverTransactionID {
+            get {
+                return this.serverTransactionIDField;
+            }
+            set {
+                this.serverTransactionIDField = value;
+                this.RaisePropertyChanged("serverTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public int certificateCount {
+            get {
+                return this.certificateCountField;
+            }
+            set {
+                this.certificateCountField = value;
+                this.RaisePropertyChanged("certificateCount");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlArrayAttribute(Order=3)]
+        [System.Xml.Serialization.XmlArrayItemAttribute("certificateInformation", IsNullable=false)]
+        public CertificateSearchResultType[] certificateList {
+            get {
+                return this.certificateListField;
+            }
+            set {
+                this.certificateListField = value;
+                this.RaisePropertyChanged("certificateList");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public bool moreCertificateAvailable {
+            get {
+                return this.moreCertificateAvailableField;
+            }
+            set {
+                this.moreCertificateAvailableField = value;
+                this.RaisePropertyChanged("moreCertificateAvailable");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool moreCertificateAvailableSpecified {
+            get {
+                return this.moreCertificateAvailableFieldSpecified;
+            }
+            set {
+                this.moreCertificateAvailableFieldSpecified = value;
+                this.RaisePropertyChanged("moreCertificateAvailableSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class SearchCertificateRequestType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string seatIdField;
+        
+        private string accountIdField;
+        
+        private string profileOIDField;
+        
+        private string commonNameField;
+        
+        private CertificateStatusEnum statusField;
+        
+        private bool statusFieldSpecified;
+        
+        private string emailAddressField;
+        
+        private string serialNumberField;
+        
+        private byte[] issuingCAField;
+        
+        private long validFromField;
+        
+        private bool validFromFieldSpecified;
+        
+        private long validToField;
+        
+        private bool validToFieldSpecified;
+        
+        private int startIndexField;
+        
+        private bool startIndexFieldSpecified;
+        
+        private string versionField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string seatId {
+            get {
+                return this.seatIdField;
+            }
+            set {
+                this.seatIdField = value;
+                this.RaisePropertyChanged("seatId");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public string accountId {
+            get {
+                return this.accountIdField;
+            }
+            set {
+                this.accountIdField = value;
+                this.RaisePropertyChanged("accountId");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public string profileOID {
+            get {
+                return this.profileOIDField;
+            }
+            set {
+                this.profileOIDField = value;
+                this.RaisePropertyChanged("profileOID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public string commonName {
+            get {
+                return this.commonNameField;
+            }
+            set {
+                this.commonNameField = value;
+                this.RaisePropertyChanged("commonName");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public CertificateStatusEnum status {
+            get {
+                return this.statusField;
+            }
+            set {
+                this.statusField = value;
+                this.RaisePropertyChanged("status");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool statusSpecified {
+            get {
+                return this.statusFieldSpecified;
+            }
+            set {
+                this.statusFieldSpecified = value;
+                this.RaisePropertyChanged("statusSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=6)]
+        public string emailAddress {
+            get {
+                return this.emailAddressField;
+            }
+            set {
+                this.emailAddressField = value;
+                this.RaisePropertyChanged("emailAddress");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=7)]
+        public string serialNumber {
+            get {
+                return this.serialNumberField;
+            }
+            set {
+                this.serialNumberField = value;
+                this.RaisePropertyChanged("serialNumber");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(DataType="base64Binary", Order=8)]
+        public byte[] issuingCA {
+            get {
+                return this.issuingCAField;
+            }
+            set {
+                this.issuingCAField = value;
+                this.RaisePropertyChanged("issuingCA");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=9)]
+        public long validFrom {
+            get {
+                return this.validFromField;
+            }
+            set {
+                this.validFromField = value;
+                this.RaisePropertyChanged("validFrom");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool validFromSpecified {
+            get {
+                return this.validFromFieldSpecified;
+            }
+            set {
+                this.validFromFieldSpecified = value;
+                this.RaisePropertyChanged("validFromSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=10)]
+        public long validTo {
+            get {
+                return this.validToField;
+            }
+            set {
+                this.validToField = value;
+                this.RaisePropertyChanged("validTo");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool validToSpecified {
+            get {
+                return this.validToFieldSpecified;
+            }
+            set {
+                this.validToFieldSpecified = value;
+                this.RaisePropertyChanged("validToSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=11)]
+        public int startIndex {
+            get {
+                return this.startIndexField;
+            }
+            set {
+                this.startIndexField = value;
+                this.RaisePropertyChanged("startIndex");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool startIndexSpecified {
+            get {
+                return this.startIndexFieldSpecified;
+            }
+            set {
+                this.startIndexFieldSpecified = value;
+                this.RaisePropertyChanged("startIndexSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=12)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=13)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class UpdateCertificateStatusResponseType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string serverTransactionIDField;
+        
+        private string versionField;
+        
+        private int successCodeField;
+        
+        private string successMsgField;
+        
+        private int revocationCountField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string serverTransactionID {
+            get {
+                return this.serverTransactionIDField;
+            }
+            set {
+                this.serverTransactionIDField = value;
+                this.RaisePropertyChanged("serverTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public int successCode {
+            get {
+                return this.successCodeField;
+            }
+            set {
+                this.successCodeField = value;
+                this.RaisePropertyChanged("successCode");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public string successMsg {
+            get {
+                return this.successMsgField;
+            }
+            set {
+                this.successMsgField = value;
+                this.RaisePropertyChanged("successMsg");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public int revocationCount {
+            get {
+                return this.revocationCountField;
+            }
+            set {
+                this.revocationCountField = value;
+                this.RaisePropertyChanged("revocationCount");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class UpdateCertificateStatusRequestType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string versionField;
+        
+        private string certificateIssuerField;
+        
+        private RevokeReasonCodeEnum revocationReasonField;
+        
+        private bool revocationReasonFieldSpecified;
+        
+        private string challengeField;
+        
+        private string commentField;
+        
+        private string certificateSerialNumberField;
+        
+        private string seatIdField;
+        
+        private OperationTypeEnum operationTypeField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public string certificateIssuer {
+            get {
+                return this.certificateIssuerField;
+            }
+            set {
+                this.certificateIssuerField = value;
+                this.RaisePropertyChanged("certificateIssuer");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public RevokeReasonCodeEnum revocationReason {
+            get {
+                return this.revocationReasonField;
+            }
+            set {
+                this.revocationReasonField = value;
+                this.RaisePropertyChanged("revocationReason");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlIgnoreAttribute()]
+        public bool revocationReasonSpecified {
+            get {
+                return this.revocationReasonFieldSpecified;
+            }
+            set {
+                this.revocationReasonFieldSpecified = value;
+                this.RaisePropertyChanged("revocationReasonSpecified");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public string challenge {
+            get {
+                return this.challengeField;
+            }
+            set {
+                this.challengeField = value;
+                this.RaisePropertyChanged("challenge");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public string comment {
+            get {
+                return this.commentField;
+            }
+            set {
+                this.commentField = value;
+                this.RaisePropertyChanged("comment");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=6)]
+        public string certificateSerialNumber {
+            get {
+                return this.certificateSerialNumberField;
+            }
+            set {
+                this.certificateSerialNumberField = value;
+                this.RaisePropertyChanged("certificateSerialNumber");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=7)]
+        public string seatId {
+            get {
+                return this.seatIdField;
+            }
+            set {
+                this.seatIdField = value;
+                this.RaisePropertyChanged("seatId");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=8)]
+        public OperationTypeEnum operationType {
+            get {
+                return this.operationTypeField;
+            }
+            set {
+                this.operationTypeField = value;
+                this.RaisePropertyChanged("operationType");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=9)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "4.8.3752.0")]
+    [System.SerializableAttribute()]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management")]
+    public partial class BulkUpdateCertificateStatusResponseType : object, System.ComponentModel.INotifyPropertyChanged {
+        
+        private string clientTransactionIDField;
+        
+        private string serverTransactionIDField;
+        
+        private string versionField;
+        
+        private int successCodeField;
+        
+        private string successMsgField;
+        
+        private int revocationCountField;
+        
+        private System.Xml.XmlElement[] anyField;
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=0)]
+        public string clientTransactionID {
+            get {
+                return this.clientTransactionIDField;
+            }
+            set {
+                this.clientTransactionIDField = value;
+                this.RaisePropertyChanged("clientTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=1)]
+        public string serverTransactionID {
+            get {
+                return this.serverTransactionIDField;
+            }
+            set {
+                this.serverTransactionIDField = value;
+                this.RaisePropertyChanged("serverTransactionID");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=2)]
+        public string version {
+            get {
+                return this.versionField;
+            }
+            set {
+                this.versionField = value;
+                this.RaisePropertyChanged("version");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=3)]
+        public int successCode {
+            get {
+                return this.successCodeField;
+            }
+            set {
+                this.successCodeField = value;
+                this.RaisePropertyChanged("successCode");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=4)]
+        public string successMsg {
+            get {
+                return this.successMsgField;
+            }
+            set {
+                this.successMsgField = value;
+                this.RaisePropertyChanged("successMsg");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlElementAttribute(Order=5)]
+        public int revocationCount {
+            get {
+                return this.revocationCountField;
+            }
+            set {
+                this.revocationCountField = value;
+                this.RaisePropertyChanged("revocationCount");
+            }
+        }
+        
+        /// <remarks/>
+        [System.Xml.Serialization.XmlAnyElementAttribute(Order=6)]
+        public System.Xml.XmlElement[] Any {
+            get {
+                return this.anyField;
+            }
+            set {
+                this.anyField = value;
+                this.RaisePropertyChanged("Any");
+            }
+        }
+        
+        public event System.ComponentModel.PropertyChangedEventHandler PropertyChanged;
+        
+        protected void RaisePropertyChanged(string propertyName) {
+            System.ComponentModel.PropertyChangedEventHandler propertyChanged = this.PropertyChanged;
+            if ((propertyChanged != null)) {
+                propertyChanged(this, new System.ComponentModel.PropertyChangedEventArgs(propertyName));
+            }
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class bulkUpdateCertificateStatusRequest {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Name="bulkUpdateCertificateStatusRequest", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1;
+        
+        public bulkUpdateCertificateStatusRequest() {
+        }
+        
+        public bulkUpdateCertificateStatusRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1) {
+            this.bulkUpdateCertificateStatusRequest1 = bulkUpdateCertificateStatusRequest1;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class bulkUpdateCertificateStatusResponse {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Name="bulkUpdateCertificateStatusResponse", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType bulkUpdateCertificateStatusResponse1;
+        
+        public bulkUpdateCertificateStatusResponse() {
+        }
+        
+        public bulkUpdateCertificateStatusResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType bulkUpdateCertificateStatusResponse1) {
+            this.bulkUpdateCertificateStatusResponse1 = bulkUpdateCertificateStatusResponse1;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class updateCertificateStatusRequest {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Name="updateCertificateStatusRequest", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1;
+        
+        public updateCertificateStatusRequest() {
+        }
+        
+        public updateCertificateStatusRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1) {
+            this.updateCertificateStatusRequest1 = updateCertificateStatusRequest1;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class updateCertificateStatusResponse {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Name="updateCertificateStatusResponse", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType updateCertificateStatusResponse1;
+        
+        public updateCertificateStatusResponse() {
+        }
+        
+        public updateCertificateStatusResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType updateCertificateStatusResponse1) {
+            this.updateCertificateStatusResponse1 = updateCertificateStatusResponse1;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class searchCertificateRequest {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Name="searchCertificateRequest", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1;
+        
+        public searchCertificateRequest() {
+        }
+        
+        public searchCertificateRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1) {
+            this.searchCertificateRequest1 = searchCertificateRequest1;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class searchCertificateResponse {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Name="searchCertificateResponse", Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType searchCertificateResponse1;
+        
+        public searchCertificateResponse() {
+        }
+        
+        public searchCertificateResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType searchCertificateResponse1) {
+            this.searchCertificateResponse1 = searchCertificateResponse1;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class keyRecoveryRequest {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage;
+        
+        public keyRecoveryRequest() {
+        }
+        
+        public keyRecoveryRequest(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage) {
+            this.requestKeyRecoveryMessage = requestKeyRecoveryMessage;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class keyRecoveryResponse {
+        
+        [System.ServiceModel.MessageBodyMemberAttribute(Namespace="http://schemas.verisign.com/pkiservices/2009/07/management", Order=0)]
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType requestKeyRecoveryResponseMessage;
+        
+        public keyRecoveryResponse() {
+        }
+        
+        public keyRecoveryResponse(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType requestKeyRecoveryResponseMessage) {
+            this.requestKeyRecoveryResponseMessage = requestKeyRecoveryResponseMessage;
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class printMyBeanRequest {
+        
+        public printMyBeanRequest() {
+        }
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+    [System.ServiceModel.MessageContractAttribute(IsWrapped=false)]
+    public partial class printMyBeanResponse {
+        
+        public printMyBeanResponse() {
+        }
+    }
+    
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    public interface CertificateManagementOperationsChannel : Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations, System.ServiceModel.IClientChannel {
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    public partial class CertificateManagementOperationsClient : System.ServiceModel.ClientBase<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations>, Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations {
+        
+        public CertificateManagementOperationsClient() {
+        }
+        
+        public CertificateManagementOperationsClient(string endpointConfigurationName) : 
+                base(endpointConfigurationName) {
+        }
+        
+        public CertificateManagementOperationsClient(string endpointConfigurationName, string remoteAddress) : 
+                base(endpointConfigurationName, remoteAddress) {
+        }
+        
+        public CertificateManagementOperationsClient(string endpointConfigurationName, System.ServiceModel.EndpointAddress remoteAddress) : 
+                base(endpointConfigurationName, remoteAddress) {
+        }
+        
+        public CertificateManagementOperationsClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress) : 
+                base(binding, remoteAddress) {
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.bulkUpdateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request) {
+            return base.Channel.bulkUpdateCertificateStatus(request);
+        }
+        
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType bulkUpdateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest();
+            inValue.bulkUpdateCertificateStatusRequest1 = bulkUpdateCertificateStatusRequest1;
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).bulkUpdateCertificateStatus(inValue);
+            return retVal.bulkUpdateCertificateStatusResponse1;
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse> Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.bulkUpdateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest request) {
+            return base.Channel.bulkUpdateCertificateStatusAsync(request);
+        }
+        
+        public System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse> bulkUpdateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusRequestType bulkUpdateCertificateStatusRequest1) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusRequest();
+            inValue.bulkUpdateCertificateStatusRequest1 = bulkUpdateCertificateStatusRequest1;
+            return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).bulkUpdateCertificateStatusAsync(inValue);
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.updateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request) {
+            return base.Channel.updateCertificateStatus(request);
+        }
+        
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType updateCertificateStatus(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest();
+            inValue.updateCertificateStatusRequest1 = updateCertificateStatusRequest1;
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).updateCertificateStatus(inValue);
+            return retVal.updateCertificateStatusResponse1;
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse> Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.updateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest request) {
+            return base.Channel.updateCertificateStatusAsync(request);
+        }
+        
+        public System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse> updateCertificateStatusAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusRequestType updateCertificateStatusRequest1) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusRequest();
+            inValue.updateCertificateStatusRequest1 = updateCertificateStatusRequest1;
+            return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).updateCertificateStatusAsync(inValue);
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.searchCertificate(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request) {
+            return base.Channel.searchCertificate(request);
+        }
+        
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType searchCertificate(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest();
+            inValue.searchCertificateRequest1 = searchCertificateRequest1;
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).searchCertificate(inValue);
+            return retVal.searchCertificateResponse1;
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse> Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.searchCertificateAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest request) {
+            return base.Channel.searchCertificateAsync(request);
+        }
+        
+        public System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse> searchCertificateAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateRequestType searchCertificateRequest1) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateRequest();
+            inValue.searchCertificateRequest1 = searchCertificateRequest1;
+            return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).searchCertificateAsync(inValue);
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.keyRecovery(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request) {
+            return base.Channel.keyRecovery(request);
+        }
+        
+        public Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType keyRecovery(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest();
+            inValue.requestKeyRecoveryMessage = requestKeyRecoveryMessage;
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).keyRecovery(inValue);
+            return retVal.requestKeyRecoveryResponseMessage;
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse> Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.keyRecoveryAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest request) {
+            return base.Channel.keyRecoveryAsync(request);
+        }
+        
+        public System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse> keyRecoveryAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryMessageType requestKeyRecoveryMessage) {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryRequest();
+            inValue.requestKeyRecoveryMessage = requestKeyRecoveryMessage;
+            return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).keyRecoveryAsync(inValue);
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.printMyBean(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request) {
+            return base.Channel.printMyBean(request);
+        }
+        
+        public void printMyBean() {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest();
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse retVal = ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).printMyBean(inValue);
+        }
+        
+        [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Advanced)]
+        System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse> Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations.printMyBeanAsync(Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest request) {
+            return base.Channel.printMyBeanAsync(request);
+        }
+        
+        public System.Threading.Tasks.Task<Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse> printMyBeanAsync() {
+            Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest inValue = new Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanRequest();
+            return ((Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.CertificateManagementOperations)(this)).printMyBeanAsync(inValue);
+        }
+    }
+}
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap
new file mode 100644
index 0000000..83a23ac
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap	
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="utf-8"?>
+<ReferenceGroup xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ID="2f0f2fcf-28b6-4523-8f97-ba2a0836b2eb" xmlns="urn:schemas-microsoft-com:xml-wcfservicemap">
+  <ClientOptions>
+    <GenerateAsynchronousMethods>false</GenerateAsynchronousMethods>
+    <GenerateTaskBasedAsynchronousMethod>true</GenerateTaskBasedAsynchronousMethod>
+    <EnableDataBinding>true</EnableDataBinding>
+    <ExcludedTypes />
+    <ImportXmlTypes>false</ImportXmlTypes>
+    <GenerateInternalTypes>false</GenerateInternalTypes>
+    <GenerateMessageContracts>false</GenerateMessageContracts>
+    <NamespaceMappings />
+    <CollectionMappings />
+    <GenerateSerializableTypes>true</GenerateSerializableTypes>
+    <Serializer>Auto</Serializer>
+    <UseSerializerForFaults>true</UseSerializerForFaults>
+    <ReferenceAllAssemblies>true</ReferenceAllAssemblies>
+    <ReferencedAssemblies />
+    <ReferencedDataContractTypes />
+    <ServiceContractMappings />
+  </ClientOptions>
+  <MetadataSources>
+    <MetadataSource Address="https://pki-ws.symauth.com/pki-ws/certificateManagementService?wsdl" Protocol="http" SourceId="1" />
+  </MetadataSources>
+  <Metadata>
+    <MetadataFile FileName="certificateManagementService.wsdl" MetadataType="Wsdl" ID="fd6cd88f-37bc-4de8-9541-1f40702891c8" SourceId="1" SourceUrl="https://pki-ws.symauth.com/pki-ws/certificateManagementService?wsdl" />
+    <MetadataFile FileName="certificateManagementService.xsd" MetadataType="Schema" ID="c60f2387-9437-4a42-aba3-c8fbda36281d" SourceId="1" SourceUrl="https://pki-ws.symauth.com/pki-ws/certificateManagementService?xsd=1" />
+  </Metadata>
+  <Extensions>
+    <ExtensionFile FileName="configuration91.svcinfo" Name="configuration91.svcinfo" />
+    <ExtensionFile FileName="configuration.svcinfo" Name="configuration.svcinfo" />
+  </Extensions>
+</ReferenceGroup>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl
new file mode 100644
index 0000000..c49a813
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.wsdl	
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="utf-8"?>
+<definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://schemas.verisign.com/pkiservices/2009/07/management" name="certificateManagementService" targetNamespace="http://schemas.verisign.com/pkiservices/2009/07/management" xmlns="http://schemas.xmlsoap.org/wsdl/">
+  <types>
+    <xsd:schema>
+      <xsd:import schemaLocation="https://pki-ws.symauth.com:443/pki-ws/certificateManagementService?xsd=1" namespace="http://schemas.verisign.com/pkiservices/2009/07/management" />
+    </xsd:schema>
+  </types>
+  <message name="bulkUpdateCertificateStatus">
+    <part name="request" element="tns:bulkUpdateCertificateStatusRequest" />
+  </message>
+  <message name="bulkUpdateCertificateStatusResponse">
+    <part name="response" element="tns:bulkUpdateCertificateStatusResponse" />
+  </message>
+  <message name="updateCertificateStatus">
+    <part name="request" element="tns:updateCertificateStatusRequest" />
+  </message>
+  <message name="updateCertificateStatusResponse">
+    <part name="response" element="tns:updateCertificateStatusResponse" />
+  </message>
+  <message name="searchCertificate">
+    <part name="request" element="tns:searchCertificateRequest" />
+  </message>
+  <message name="searchCertificateResponse">
+    <part name="response" element="tns:searchCertificateResponse" />
+  </message>
+  <message name="keyRecovery">
+    <part name="request" element="tns:requestKeyRecoveryMessage" />
+  </message>
+  <message name="keyRecoveryResponse">
+    <part name="response" element="tns:requestKeyRecoveryResponseMessage" />
+  </message>
+  <message name="printMyBean" />
+  <message name="printMyBeanResponse" />
+  <portType name="CertificateManagementOperations">
+    <operation name="bulkUpdateCertificateStatus">
+      <input message="tns:bulkUpdateCertificateStatus" />
+      <output message="tns:bulkUpdateCertificateStatusResponse" />
+    </operation>
+    <operation name="updateCertificateStatus">
+      <input message="tns:updateCertificateStatus" />
+      <output message="tns:updateCertificateStatusResponse" />
+    </operation>
+    <operation name="searchCertificate">
+      <input message="tns:searchCertificate" />
+      <output message="tns:searchCertificateResponse" />
+    </operation>
+    <operation name="keyRecovery">
+      <input message="tns:keyRecovery" />
+      <output message="tns:keyRecoveryResponse" />
+    </operation>
+    <operation name="printMyBean">
+      <input message="tns:printMyBean" />
+      <output message="tns:printMyBeanResponse" />
+    </operation>
+  </portType>
+  <binding name="certificateManagementServiceSOAPBinding" type="tns:CertificateManagementOperations">
+    <soap:binding transport="http://schemas.xmlsoap.org/soap/http" />
+    <operation name="bulkUpdateCertificateStatus">
+      <soap:operation soapAction="http://schemas.verisign.com/pkiservices/2009/07/management/bulkUpdateCertificateStatus" />
+      <input>
+        <soap:body use="literal" />
+      </input>
+      <output>
+        <soap:body use="literal" />
+      </output>
+    </operation>
+    <operation name="updateCertificateStatus">
+      <soap:operation soapAction="http://schemas.verisign.com/pkiservices/2009/07/management/updateCertificateStatus" />
+      <input>
+        <soap:body use="literal" />
+      </input>
+      <output>
+        <soap:body use="literal" />
+      </output>
+    </operation>
+    <operation name="searchCertificate">
+      <soap:operation soapAction="http://schemas.verisign.com/pkiservices/2009/07/management/searchCertificate" />
+      <input>
+        <soap:body use="literal" />
+      </input>
+      <output>
+        <soap:body use="literal" />
+      </output>
+    </operation>
+    <operation name="keyRecovery">
+      <soap:operation soapAction="http://schemas.verisign.com/pkiservices/2009/07/management/keyRecovery" />
+      <input>
+        <soap:body use="literal" />
+      </input>
+      <output>
+        <soap:body use="literal" />
+      </output>
+    </operation>
+    <operation name="printMyBean">
+      <soap:operation soapAction="" />
+      <input>
+        <soap:body use="literal" />
+      </input>
+      <output>
+        <soap:body use="literal" />
+      </output>
+    </operation>
+  </binding>
+  <service name="certificateManagementService">
+    <port name="certificateManagementServiceSOAP" binding="tns:certificateManagementServiceSOAPBinding">
+      <soap:address location="https://pki-ws.symauth.com:443/pki-ws/certificateManagementService" />
+    </port>
+  </service>
+</definitions>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd
new file mode 100644
index 0000000..d59efd6
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd	
@@ -0,0 +1,165 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:tns="http://schemas.verisign.com/pkiservices/2009/07/management" elementFormDefault="qualified" targetNamespace="http://schemas.verisign.com/pkiservices/2009/07/management" version="1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:element name="bulkUpdateCertificateStatusRequest" type="tns:BulkUpdateCertificateStatusRequestType" />
+  <xs:element name="bulkUpdateCertificateStatusResponse" type="tns:BulkUpdateCertificateStatusResponseType" />
+  <xs:element name="requestKeyRecoveryMessage" type="tns:RequestKeyRecoveryMessageType" />
+  <xs:element name="requestKeyRecoveryResponseMessage" type="tns:RequestKeyRecoveryResponseMessageType" />
+  <xs:element name="searchCertificateRequest" type="tns:SearchCertificateRequestType" />
+  <xs:element name="searchCertificateResponse" type="tns:SearchCertificateResponseType" />
+  <xs:element name="updateCertificateStatusRequest" type="tns:UpdateCertificateStatusRequestType" />
+  <xs:element name="updateCertificateStatusResponse" type="tns:UpdateCertificateStatusResponseType" />
+  <xs:complexType name="RequestKeyRecoveryMessageType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="pKCS12Password" type="xs:string" />
+      <xs:element name="certificateSerialNumber" type="xs:string" />
+      <xs:element name="certificateIssuer" type="xs:string" />
+      <xs:element name="adminID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="SearchCertificateRequestType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="seatId" type="xs:string" />
+      <xs:element minOccurs="0" name="accountId" type="xs:string" />
+      <xs:element minOccurs="0" name="profileOID" type="xs:string" />
+      <xs:element minOccurs="0" name="commonName" type="xs:string" />
+      <xs:element minOccurs="0" name="status" type="tns:CertificateStatusEnum" />
+      <xs:element minOccurs="0" name="emailAddress" type="xs:string" />
+      <xs:element minOccurs="0" name="serialNumber" type="xs:string" />
+      <xs:element minOccurs="0" name="issuingCA" type="xs:base64Binary" />
+      <xs:element minOccurs="0" name="validFrom" type="xs:long" />
+      <xs:element minOccurs="0" name="validTo" type="xs:long" />
+      <xs:element minOccurs="0" name="startIndex" type="xs:int" />
+      <xs:element name="version" type="xs:string" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="UpdateCertificateStatusRequestType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element minOccurs="0" name="certificateIssuer" type="xs:string" />
+      <xs:element minOccurs="0" name="revocationReason" type="tns:RevokeReasonCodeEnum" />
+      <xs:element minOccurs="0" name="challenge" type="xs:string" />
+      <xs:element minOccurs="0" name="comment" type="xs:string" />
+      <xs:element minOccurs="0" name="certificateSerialNumber" type="xs:string" />
+      <xs:element minOccurs="0" name="seatId" type="xs:string" />
+      <xs:element name="operationType" type="tns:OperationTypeEnum" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="BulkUpdateCertificateStatusRequestType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element minOccurs="0" name="revocationReason" type="tns:RevokeReasonCodeEnum" />
+      <xs:element minOccurs="0" name="comment" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="certificateSerialNumber" nillable="true" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="seatId" nillable="true" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="profileOID" nillable="true" type="xs:string" />
+      <xs:element name="operationType" type="tns:OperationTypeEnum" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="BulkUpdateCertificateStatusResponseType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="serverTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element name="successCode" type="xs:int" />
+      <xs:element name="successMsg" type="xs:string" />
+      <xs:element name="revocationCount" type="xs:int" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="CertificateSearchResultType">
+    <xs:sequence>
+      <xs:element name="certificate" type="xs:base64Binary" />
+      <xs:element name="seatId" type="xs:string" />
+      <xs:element name="commonName" type="xs:string" />
+      <xs:element name="accountId" type="xs:string" />
+      <xs:element name="profileOID" type="xs:string" />
+      <xs:element name="emailAddress" nillable="true" type="xs:string" />
+      <xs:element name="status" type="tns:CertificateStatusEnum" />
+      <xs:element minOccurs="0" name="revokeAt" type="xs:long" />
+      <xs:element minOccurs="0" name="revokeReason" type="tns:RevokeReasonCodeEnum" />
+      <xs:element name="validFrom" type="xs:long" />
+      <xs:element name="validTo" type="xs:long" />
+      <xs:element name="serialNumber" type="xs:string" />
+      <xs:element name="isEscrowed" type="xs:boolean" />
+      <xs:element name="enrollmentNotes" nillable="true" type="xs:string" />
+      <xs:element name="revokeComments" nillable="true" type="xs:string" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="RequestKeyRecoveryResponseMessageType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element name="serverTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="adminApprovalPendingCount" type="xs:int" />
+      <xs:element minOccurs="0" name="pKCS12Password" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="pKCS12Message" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="CertificateListType">
+    <xs:sequence>
+      <xs:element maxOccurs="unbounded" name="certificateInformation" type="tns:CertificateSearchResultType" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="SearchCertificateResponseType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element name="serverTransactionID" type="xs:string" />
+      <xs:element name="certificateCount" type="xs:int" />
+      <xs:element minOccurs="0" name="certificateList" type="tns:CertificateListType" />
+      <xs:element minOccurs="0" name="moreCertificateAvailable" type="xs:boolean" />
+      <xs:element name="version" type="xs:string" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="UpdateCertificateStatusResponseType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="serverTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element name="successCode" type="xs:int" />
+      <xs:element name="successMsg" type="xs:string" />
+      <xs:element name="revocationCount" type="xs:int" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:simpleType name="CertificateStatusEnum">
+    <xs:restriction base="xs:string">
+      <xs:enumeration value="VALID" />
+      <xs:enumeration value="EXPIRED" />
+      <xs:enumeration value="REVOKED" />
+      <xs:enumeration value="SUSPENDED" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="RevokeReasonCodeEnum">
+    <xs:restriction base="xs:string">
+      <xs:enumeration value="Unspecified" />
+      <xs:enumeration value="KeyCompromise" />
+      <xs:enumeration value="CACompromise" />
+      <xs:enumeration value="AffiliationChanged" />
+      <xs:enumeration value="CessationOfOperation" />
+      <xs:enumeration value="PrivilegeWithdrawn" />
+      <xs:enumeration value="AACompromise" />
+      <xs:enumeration value="Superseded" />
+      <xs:enumeration value="CertificateHold" />
+      <xs:enumeration value="RemoveFromCRL" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="OperationTypeEnum">
+    <xs:restriction base="xs:string">
+      <xs:enumeration value="Revoke" />
+      <xs:enumeration value="Suspend" />
+      <xs:enumeration value="Resume" />
+    </xs:restriction>
+  </xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo
new file mode 100644
index 0000000..63ad000
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration.svcinfo	
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configurationSnapshot xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="urn:schemas-microsoft-com:xml-wcfconfigurationsnapshot">
+  <behaviors />
+  <bindings>
+    <binding digest="System.ServiceModel.Configuration.BasicHttpBindingElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089:&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data name=&quot;certificateManagementServiceSOAPBinding&quot;&gt;&lt;security mode=&quot;Transport&quot; /&gt;&lt;/Data&gt;" bindingType="basicHttpBinding" name="certificateManagementServiceSOAPBinding" />
+    <binding digest="System.ServiceModel.Configuration.BasicHttpBindingElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089:&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data name=&quot;certificateManagementServiceSOAPBinding1&quot; /&gt;" bindingType="basicHttpBinding" name="certificateManagementServiceSOAPBinding1" />
+  </bindings>
+  <endpoints>
+    <endpoint normalizedDigest="&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data address=&quot;https://pki-ws.symauth.com:443/pki-ws/certificateManagementService&quot; binding=&quot;basicHttpBinding&quot; bindingConfiguration=&quot;certificateManagementServiceSOAPBinding&quot; contract=&quot;DigicertMPKISOAP.CertificateManagementOperations&quot; name=&quot;certificateManagementServiceSOAP&quot; /&gt;" digest="&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data address=&quot;https://pki-ws.symauth.com:443/pki-ws/certificateManagementService&quot; binding=&quot;basicHttpBinding&quot; bindingConfiguration=&quot;certificateManagementServiceSOAPBinding&quot; contract=&quot;DigicertMPKISOAP.CertificateManagementOperations&quot; name=&quot;certificateManagementServiceSOAP&quot; /&gt;" contractName="DigicertMPKISOAP.CertificateManagementOperations" name="certificateManagementServiceSOAP" />
+  </endpoints>
+</configurationSnapshot>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo
new file mode 100644
index 0000000..b49166e
--- /dev/null
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/configuration91.svcinfo	
@@ -0,0 +1,310 @@
+<?xml version="1.0" encoding="utf-8"?>
+<SavedWcfConfigurationInformation xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" Version="9.1" CheckSum="7CiOgM7DtpjpOMBpTfieGcR3L61yKV88seFAxOGA+To=">
+  <bindingConfigurations>
+    <bindingConfiguration bindingType="basicHttpBinding" name="certificateManagementServiceSOAPBinding">
+      <properties>
+        <property path="/name" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>certificateManagementServiceSOAPBinding</serializedValue>
+        </property>
+        <property path="/closeTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/openTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/receiveTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/sendTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/allowCookies" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/bypassProxyOnLocal" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/hostNameComparisonMode" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.HostNameComparisonMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>StrongWildcard</serializedValue>
+        </property>
+        <property path="/maxBufferPoolSize" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/maxBufferSize" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>65536</serializedValue>
+        </property>
+        <property path="/maxReceivedMessageSize" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/proxyAddress" isComplexType="false" isExplicitlyDefined="false" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/readerQuotas" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxDepth" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxStringContentLength" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxArrayLength" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxBytesPerRead" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxNameTableCharCount" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/textEncoding" isComplexType="false" isExplicitlyDefined="false" clrType="System.Text.Encoding, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.Text.UTF8Encoding</serializedValue>
+        </property>
+        <property path="/transferMode" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.TransferMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Buffered</serializedValue>
+        </property>
+        <property path="/useDefaultWebProxy" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/messageEncoding" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.WSMessageEncoding, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Text</serializedValue>
+        </property>
+        <property path="/security" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.BasicHttpSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.BasicHttpSecurityElement</serializedValue>
+        </property>
+        <property path="/security/mode" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.BasicHttpSecurityMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Transport</serializedValue>
+        </property>
+        <property path="/security/transport" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.HttpTransportSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.HttpTransportSecurityElement</serializedValue>
+        </property>
+        <property path="/security/transport/clientCredentialType" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.HttpClientCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>None</serializedValue>
+        </property>
+        <property path="/security/transport/proxyCredentialType" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.HttpProxyCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>None</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy" isComplexType="true" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/policyEnforcement" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.PolicyEnforcement, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Never</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/protectionScenario" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.ProtectionScenario, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>TransportSelected</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/customServiceNames" isComplexType="true" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.Configuration.ServiceNameElementCollection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>(Collection)</serializedValue>
+        </property>
+        <property path="/security/transport/realm" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/security/message" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.BasicHttpMessageSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.BasicHttpMessageSecurityElement</serializedValue>
+        </property>
+        <property path="/security/message/clientCredentialType" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.BasicHttpMessageCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>UserName</serializedValue>
+        </property>
+        <property path="/security/message/algorithmSuite" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.Security.SecurityAlgorithmSuite, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Default</serializedValue>
+        </property>
+      </properties>
+    </bindingConfiguration>
+    <bindingConfiguration bindingType="basicHttpBinding" name="certificateManagementServiceSOAPBinding1">
+      <properties>
+        <property path="/name" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>certificateManagementServiceSOAPBinding1</serializedValue>
+        </property>
+        <property path="/closeTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/openTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/receiveTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/sendTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/allowCookies" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/bypassProxyOnLocal" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/hostNameComparisonMode" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.HostNameComparisonMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>StrongWildcard</serializedValue>
+        </property>
+        <property path="/maxBufferPoolSize" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/maxBufferSize" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>65536</serializedValue>
+        </property>
+        <property path="/maxReceivedMessageSize" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/proxyAddress" isComplexType="false" isExplicitlyDefined="false" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/readerQuotas" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxDepth" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxStringContentLength" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxArrayLength" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxBytesPerRead" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxNameTableCharCount" isComplexType="false" isExplicitlyDefined="false" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>0</serializedValue>
+        </property>
+        <property path="/textEncoding" isComplexType="false" isExplicitlyDefined="false" clrType="System.Text.Encoding, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.Text.UTF8Encoding</serializedValue>
+        </property>
+        <property path="/transferMode" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.TransferMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Buffered</serializedValue>
+        </property>
+        <property path="/useDefaultWebProxy" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/messageEncoding" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.WSMessageEncoding, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Text</serializedValue>
+        </property>
+        <property path="/security" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.BasicHttpSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.BasicHttpSecurityElement</serializedValue>
+        </property>
+        <property path="/security/mode" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.BasicHttpSecurityMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>None</serializedValue>
+        </property>
+        <property path="/security/transport" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.HttpTransportSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.HttpTransportSecurityElement</serializedValue>
+        </property>
+        <property path="/security/transport/clientCredentialType" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.HttpClientCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>None</serializedValue>
+        </property>
+        <property path="/security/transport/proxyCredentialType" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.HttpProxyCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>None</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy" isComplexType="true" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/policyEnforcement" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.PolicyEnforcement, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Never</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/protectionScenario" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.ProtectionScenario, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>TransportSelected</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/customServiceNames" isComplexType="true" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.Configuration.ServiceNameElementCollection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>(Collection)</serializedValue>
+        </property>
+        <property path="/security/transport/realm" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/security/message" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.BasicHttpMessageSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.BasicHttpMessageSecurityElement</serializedValue>
+        </property>
+        <property path="/security/message/clientCredentialType" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.BasicHttpMessageCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>UserName</serializedValue>
+        </property>
+        <property path="/security/message/algorithmSuite" isComplexType="false" isExplicitlyDefined="false" clrType="System.ServiceModel.Security.SecurityAlgorithmSuite, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Default</serializedValue>
+        </property>
+      </properties>
+    </bindingConfiguration>
+  </bindingConfigurations>
+  <endpoints>
+    <endpoint name="certificateManagementServiceSOAP" contract="DigicertMPKISOAP.CertificateManagementOperations" bindingType="basicHttpBinding" address="https://pki-ws.symauth.com/pki-ws/certificateManagementService" bindingConfiguration="certificateManagementServiceSOAPBinding">
+      <properties>
+        <property path="/address" isComplexType="false" isExplicitlyDefined="true" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>https://pki-ws.symauth.com:443/pki-ws/certificateManagementService</serializedValue>
+        </property>
+        <property path="/behaviorConfiguration" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/binding" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>basicHttpBinding</serializedValue>
+        </property>
+        <property path="/bindingConfiguration" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>certificateManagementServiceSOAPBinding</serializedValue>
+        </property>
+        <property path="/contract" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>DigicertMPKISOAP.CertificateManagementOperations</serializedValue>
+        </property>
+        <property path="/headers" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.AddressHeaderCollectionElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.AddressHeaderCollectionElement</serializedValue>
+        </property>
+        <property path="/headers/headers" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.Channels.AddressHeaderCollection, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>&lt;Header /&gt;</serializedValue>
+        </property>
+        <property path="/identity" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.IdentityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.IdentityElement</serializedValue>
+        </property>
+        <property path="/identity/userPrincipalName" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.UserPrincipalNameElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.UserPrincipalNameElement</serializedValue>
+        </property>
+        <property path="/identity/userPrincipalName/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/servicePrincipalName" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.ServicePrincipalNameElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.ServicePrincipalNameElement</serializedValue>
+        </property>
+        <property path="/identity/servicePrincipalName/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/dns" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.DnsElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.DnsElement</serializedValue>
+        </property>
+        <property path="/identity/dns/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/rsa" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.RsaElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.RsaElement</serializedValue>
+        </property>
+        <property path="/identity/rsa/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/certificate" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.CertificateElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.CertificateElement</serializedValue>
+        </property>
+        <property path="/identity/certificate/encodedValue" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/certificateReference" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.CertificateReferenceElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.CertificateReferenceElement</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/storeName" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.StoreName, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>My</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/storeLocation" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.StoreLocation, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>LocalMachine</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/x509FindType" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.X509FindType, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>FindBySubjectDistinguishedName</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/findValue" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/certificateReference/isChainIncluded" isComplexType="false" isExplicitlyDefined="false" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>False</serializedValue>
+        </property>
+        <property path="/name" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>certificateManagementServiceSOAP</serializedValue>
+        </property>
+        <property path="/kind" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/endpointConfiguration" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+      </properties>
+    </endpoint>
+  </endpoints>
+</SavedWcfConfigurationInformation>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Constants.cs b/DigiCertSymCaProxy/Constants.cs
index 1932241..3c80669 100644
--- a/DigiCertSymCaProxy/Constants.cs
+++ b/DigiCertSymCaProxy/Constants.cs
@@ -8,6 +8,8 @@ public class Constants
         public static string KeyfactorApiUrl = "KeyfactorApiUrl";
         public static string KeyfactorApiUserId = "KeyfactorApiUserId";
         public static string KeyfactorApiPassword = "KeyfactorApiPassword";
-        public static string SeatList = "SeatList";
+        public static string EndpointAddress = "EndpointAddress";
+        public static string ClientCertificateLocation = "ClientCertificateLocation";
+        public static string ClientCertificatePassword = "ClientCertificatePassword";
     }
 }
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/DigiCertSymProxy.cs b/DigiCertSymCaProxy/DigiCertSymProxy.cs
index 8b00892..216ff3e 100644
--- a/DigiCertSymCaProxy/DigiCertSymProxy.cs
+++ b/DigiCertSymCaProxy/DigiCertSymProxy.cs
@@ -1,6 +1,10 @@
 using System;
 using System.Collections.Concurrent;
 using System.Collections.Generic;
+using System.Net;
+using System.Security.Cryptography.X509Certificates;
+using System.ServiceModel;
+using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
 using CAProxy.AnyGateway;
@@ -11,6 +15,7 @@
 using CSS.PKI;
 using Keyfactor.AnyGateway.DigiCertSym.Client;
 using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
+using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
 using Keyfactor.AnyGateway.DigiCertSym.Interfaces;
 using Newtonsoft.Json;
 
@@ -70,7 +75,7 @@ public override void Synchronize(ICertificateDataReader certificateDataReader,
         {
             try
             {
-                var certs = new BlockingCollection<ICertificateDetails>(100);
+                var certs = new BlockingCollection<CertificateSearchResultType>(100);
                 DigiCertSymClient.SubmitQueryOrderRequestAsync(certs, cancelToken, _requestManager);
 
                 foreach (var currentResponseItem in certs.GetConsumingEnumerable(cancelToken))
@@ -83,24 +88,27 @@ public override void Synchronize(ICertificateDataReader certificateDataReader,
 
                     try
                     {
-                        Logger.Trace($"Took Certificate ID {currentResponseItem?.SerialNumber} from Queue");
+                        Logger.Trace($"Took Certificate ID {currentResponseItem?.serialNumber} from Queue");
 
-                        var certStatus = _requestManager.MapReturnStatus(currentResponseItem?.Status);
-
-                        //Keyfactor sync only seems to work when there is a valid cert and I can only get Active valid certs from SSLStore
-                        if (certStatus == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.ISSUED) || certStatus ==
-                            Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.REVOKED))
+                        if (currentResponseItem != null)
                         {
+                            var certStatus = _requestManager.MapReturnStatus(currentResponseItem.status);
 
-                            blockingBuffer.Add(new CAConnectorCertificate
+                            //Keyfactor sync only seems to work when there is a valid cert and I can only get Active valid certs from SSLStore
+                            if (certStatus == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.ISSUED) || certStatus ==
+                                Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.REVOKED))
                             {
-                                CARequestID =
-                                    $"{currentResponseItem?.SerialNumber}",
-                                Certificate = currentResponseItem?.Certificate,
-                                SubmissionDate = Convert.ToDateTime(currentResponseItem?.ValidFrom),
-                                Status = certStatus,
-                                ProductID = $"{currentResponseItem?.Profile.Id}"
-                            }, cancelToken);
+
+                                blockingBuffer.Add(new CAConnectorCertificate
+                                {
+                                    CARequestID =
+                                        $"{currentResponseItem?.serialNumber}",
+                                    Certificate = Encoding.UTF8.GetString(currentResponseItem?.certificate ?? Array.Empty<byte>()),
+                                    SubmissionDate = Convert.ToDateTime(currentResponseItem?.validFrom),
+                                    Status = certStatus,
+                                    ProductID = $"{currentResponseItem?.profileOID}"
+                                }, cancelToken);
+                            }
                         }
                     }
                     catch (OperationCanceledException)
@@ -248,14 +256,16 @@ public override void Initialize(ICAConnectorConfigProvider configProvider)
             try
             {
                 Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
+                var config = (CAConfig)configProvider;
                 _requestManager = new RequestManager
                 {
+                    
                     DnsConstantName = configProvider.CAConnectionData["DnsConstantName"].ToString(),
                     UpnConstantName = configProvider.CAConnectionData["UpnConstantName"].ToString(),
                     IpConstantName = configProvider.CAConnectionData["IpConstantName"].ToString(),
                     EmailConstantName = configProvider.CAConnectionData["EmailConstantName"].ToString()
                 };
-                DigiCertSymClient = new DigiCertSymClient(configProvider);
+                DigiCertSymClient = new DigiCertSymClient(config);
                 Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
             }
             catch (Exception e)
diff --git a/DigiCertSymCaProxy/DigiCertSymProxy.csproj b/DigiCertSymCaProxy/DigiCertSymProxy.csproj
index 3712fbc..a8cb8e2 100644
--- a/DigiCertSymCaProxy/DigiCertSymProxy.csproj
+++ b/DigiCertSymCaProxy/DigiCertSymProxy.csproj
@@ -68,6 +68,7 @@
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.Net.Http.WebRequest" />
+    <Reference Include="System.Runtime.Serialization" />
     <Reference Include="System.Security.Cryptography.Algorithms, Version=4.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>packages\System.Security.Cryptography.Algorithms.4.3.1\lib\net461\System.Security.Cryptography.Algorithms.dll</HintPath>
     </Reference>
@@ -78,6 +79,8 @@
       <HintPath>packages\System.Security.Cryptography.Primitives.4.3.0\lib\net46\System.Security.Cryptography.Primitives.dll</HintPath>
     </Reference>
     <Reference Include="System.Net.Http" />
+    <Reference Include="System.ServiceModel" />
+    <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
     <Compile Include="Client\DigiCertSymClient.cs" />
@@ -88,6 +91,11 @@
     <Compile Include="Client\Models\DigiCertRevokeReasons.cs" />
     <Compile Include="Client\Models\ErrorList.cs" />
     <Compile Include="Client\Models\GetCertificateResponse.cs" />
+    <Compile Include="Connected Services\DigicertMPKISOAP\Reference.cs">
+      <AutoGen>True</AutoGen>
+      <DesignTime>True</DesignTime>
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </Compile>
     <Compile Include="Interfaces\ICertificateSearchRequest.cs" />
     <Compile Include="Interfaces\ICertificateSearchResponse.cs" />
     <Compile Include="Interfaces\IErrorList.cs" />
@@ -151,8 +159,56 @@
   </ItemGroup>
   <ItemGroup>
     <None Include="app.config" />
+    <None Include="Connected Services\DigicertMPKISOAP\certificateManagementService.wsdl" />
+    <None Include="Connected Services\DigicertMPKISOAP\certificateManagementService.xsd">
+      <SubType>Designer</SubType>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.bulkUpdateCertificateStatusResponse.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.BulkUpdateCertificateStatusResponseType.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.keyRecoveryResponse.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.printMyBeanResponse.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.RequestKeyRecoveryResponseMessageType.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.searchCertificateResponse.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.SearchCertificateResponseType.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.updateCertificateStatusResponse.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
+    <None Include="Connected Services\DigicertMPKISOAP\Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP.UpdateCertificateStatusResponseType.datasource">
+      <DependentUpon>Reference.svcmap</DependentUpon>
+    </None>
     <None Include="packages.config" />
   </ItemGroup>
-  <ItemGroup />
+  <ItemGroup>
+    <WCFMetadata Include="Connected Services\" />
+  </ItemGroup>
+  <ItemGroup>
+    <WCFMetadataStorage Include="Connected Services\DigicertMPKISOAP\" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="Connected Services\DigicertMPKISOAP\configuration91.svcinfo" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="Connected Services\DigicertMPKISOAP\configuration.svcinfo" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="Connected Services\DigicertMPKISOAP\Reference.svcmap">
+      <Generator>WCF Proxy Generator</Generator>
+      <LastGenOutput>Reference.cs</LastGenOutput>
+    </None>
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
 </Project>
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs b/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs
index 98f75ab..aa5877f 100644
--- a/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs
+++ b/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs
@@ -2,6 +2,7 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
+using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
 
 namespace Keyfactor.AnyGateway.DigiCertSym.Interfaces
 {
@@ -17,7 +18,7 @@ Task<EnrollmentResponse> SubmitRenewalAsync(string serialNumber,
 
         Task<GetCertificateResponse> SubmitGetCertificateAsync(string serialNumber);
 
-        Task SubmitQueryOrderRequestAsync(BlockingCollection<ICertificateDetails> bc, CancellationToken ct,
+        Task SubmitQueryOrderRequestAsync(BlockingCollection<CertificateSearchResultType> bc, CancellationToken ct,
             RequestManager requestManager);
     }
 }
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/RequestManager.cs b/DigiCertSymCaProxy/RequestManager.cs
index 655cfa8..2a66615 100644
--- a/DigiCertSymCaProxy/RequestManager.cs
+++ b/DigiCertSymCaProxy/RequestManager.cs
@@ -7,6 +7,7 @@
 using CSS.Common.Logging;
 using CSS.PKI;
 using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
+using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
 using Keyfactor.AnyGateway.DigiCertSym.Interfaces;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
@@ -70,6 +71,40 @@ public int MapReturnStatus(string digiCertStatus)
             }
         }
 
+        public int MapReturnStatus(CertificateStatusEnum digiCertStatus)
+        {
+            try
+            {
+                Logger.Debug("Entering MapReturnStatus(string digiCertStatus) Method...");
+                Logger.Trace($"digiCertStatus is {digiCertStatus}");
+                PKIConstants.Microsoft.RequestDisposition returnStatus;
+
+                switch (digiCertStatus)
+                {
+                    case CertificateStatusEnum.VALID:
+                        returnStatus = PKIConstants.Microsoft.RequestDisposition.ISSUED;
+                        break;
+                    case CertificateStatusEnum.SUSPENDED:
+                        returnStatus = PKIConstants.Microsoft.RequestDisposition.REVOKED;
+                        break;
+                    case CertificateStatusEnum.EXPIRED:
+                        returnStatus = PKIConstants.Microsoft.RequestDisposition.REVOKED;
+                        break;
+                    default:
+                        returnStatus = PKIConstants.Microsoft.RequestDisposition.UNKNOWN;
+                        break;
+                }
+                Logger.Trace($"returnStatus is {returnStatus}");
+                Logger.Debug("Exiting MapReturnStatus(string digiCertStatus) Method...");
+                return Convert.ToInt32(returnStatus);
+            }
+            catch (Exception e)
+            {
+                Logger.Error($"Exception Occurred in MapReturnStatus(string digiCertStatus): {e.Message}");
+                throw;
+            }
+        }
+
         public RevokeRequest GetRevokeRequest(uint kfRevokeReason)
         {
             try
@@ -134,18 +169,20 @@ public int GetRevokeResult(IRevokeResponse revokeResponse)
             }
         }
 
-        public CertificateSearchRequest GetSearchCertificatesRequest(int pageCounter, string seatId)
+        public SearchCertificateRequestType GetSearchCertificatesRequest(int pageCounter, string templateId)
         {
             try
             {
-                Logger.Debug("Entering GetSearchCertificatesRequest(int pageCounter, string seatId) Method...");
-                Logger.Debug("Exiting GetSearchCertificatesRequest(int pageCounter, string seatId) Method...");
-                Logger.Trace($"pageCounter: {pageCounter} seatId: {seatId}");
-                return new CertificateSearchRequest
+                Logger.Debug("Entering GetSearchCertificatesRequest(int pageCounter, string templateId) Method...");
+                Logger.Debug("Exiting GetSearchCertificatesRequest(int pageCounter, string templateId) Method...");
+                Logger.Trace($"pageCounter: {pageCounter} TemplateId: {templateId}");
+                return new SearchCertificateRequestType
                 {
-                    SeatId = seatId,
-                    StartIndex = pageCounter
-                };
+                    profileOID = templateId,
+                    startIndex= pageCounter,
+                    
+                    version = "1.0"
+            };
             }
             catch (Exception e)
             {
diff --git a/DigiCertSymCaProxy/app.config b/DigiCertSymCaProxy/app.config
index 0517dc5..1cf1443 100644
--- a/DigiCertSymCaProxy/app.config
+++ b/DigiCertSymCaProxy/app.config
@@ -20,4 +20,20 @@
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
+  <system.serviceModel>
+    <bindings>
+      <basicHttpBinding>
+        <binding name="certificateManagementServiceSOAPBinding">
+          <security mode="Transport" />
+        </binding>
+        <binding name="certificateManagementServiceSOAPBinding1" />
+      </basicHttpBinding>
+    </bindings>
+    <client>
+      <endpoint address="https://pki-ws.symauth.com:443/pki-ws/certificateManagementService"
+        binding="basicHttpBinding" bindingConfiguration="certificateManagementServiceSOAPBinding"
+        contract="DigicertMPKISOAP.CertificateManagementOperations"
+        name="certificateManagementServiceSOAP" />
+    </client>
+  </system.serviceModel>
 </configuration>
\ No newline at end of file

From 751ebc286ae6ef17f0b87b47feae4b5af0036586 Mon Sep 17 00:00:00 2001
From: Brian Hill <bhill@keyfactor.com>
Date: Wed, 19 Jan 2022 14:10:43 -0500
Subject: [PATCH 2/4] Fixed Inventory to work with SOAP

---
 .../Client/DigiCertSymClient.cs               | 129 ++--
 .../DigicertMPKISOAP/Reference.svcmap         |   6 +-
 .../certificateManagementService.xsd          | 112 ++--
 DigiCertSymCaProxy/DigiCertSymProxy.cs        | 552 +++++++++---------
 .../Interfaces/IDigiCertSymClient.cs          |   5 +-
 DigiCertSymCaProxy/RequestManager.cs          |   4 +-
 6 files changed, 390 insertions(+), 418 deletions(-)

diff --git a/DigiCertSymCaProxy/Client/DigiCertSymClient.cs b/DigiCertSymCaProxy/Client/DigiCertSymClient.cs
index a0b8111..3fae658 100644
--- a/DigiCertSymCaProxy/Client/DigiCertSymClient.cs
+++ b/DigiCertSymCaProxy/Client/DigiCertSymClient.cs
@@ -1,20 +1,18 @@
 using System;
-using System.Collections.Concurrent;
-using System.Collections.Generic;
+using System.IO;
 using System.Net;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Cryptography.X509Certificates;
 using System.ServiceModel;
 using System.Text;
-using System.Threading;
 using System.Threading.Tasks;
+using System.Xml.Serialization;
 using CAProxy.AnyGateway;
 using CAProxy.AnyGateway.Models.Configuration;
 using CSS.Common.Logging;
 using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
 using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
-using Keyfactor.AnyGateway.DigiCertSym.Exceptions;
 using Keyfactor.AnyGateway.DigiCertSym.Interfaces;
 using Newtonsoft.Json;
 
@@ -29,7 +27,6 @@ public DigiCertSymClient(CAConfig config)
                 {
                     BaseUrl = new Uri(config.Config.CAConnection[Constants.DigiCertSymUrl].ToString());
                     ApiKey = config.Config.CAConnection[Constants.DigiCertSymApiKey].ToString();
-                    Templates = config.Config.Templates;
                     ClientCertificateLocation =
                         config.Config.CAConnection[Constants.ClientCertificateLocation].ToString();
                     ClientCertificatePassword =
@@ -47,11 +44,9 @@ public DigiCertSymClient(CAConfig config)
         private Uri BaseUrl { get; }
         private HttpClient RestClient { get; }
         private string ApiKey { get; }
-        private Dictionary<string, ProductModel> Templates { get; }
         private string EndPointAddress { get; }
         private string ClientCertificateLocation { get; }
         private string ClientCertificatePassword { get; }
-        private int PageSize { get; } = 50;
 
 
         public async Task<EnrollmentResponse> SubmitEnrollmentAsync(
@@ -64,20 +59,20 @@ public async Task<EnrollmentResponse> SubmitEnrollmentAsync(
                 {
                     EnrollmentResponse response;
                     Logger.Trace(JsonConvert.SerializeObject(enrollmentRequest));
-                    var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore};
+                    var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore };
                     if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response
                     {
                         var errorResponse =
                             JsonConvert.DeserializeObject<ErrorList>(await resp.Content.ReadAsStringAsync(),
                                 settings);
-                        response = new EnrollmentResponse {RegistrationError = errorResponse, Result = null};
+                        response = new EnrollmentResponse { RegistrationError = errorResponse, Result = null };
                         return response;
                     }
 
                     var registrationResponse =
                         JsonConvert.DeserializeObject<EnrollmentSuccessResponse>(await resp.Content.ReadAsStringAsync(),
                             settings);
-                    response = new EnrollmentResponse {RegistrationError = null, Result = registrationResponse};
+                    response = new EnrollmentResponse { RegistrationError = null, Result = registrationResponse };
                     return response;
                 }
             }
@@ -99,20 +94,20 @@ public async Task<EnrollmentResponse> SubmitRenewalAsync(string serialNumber,
                 {
                     EnrollmentResponse response;
                     Logger.Trace(JsonConvert.SerializeObject(renewalRequest));
-                    var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore};
+                    var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore };
                     if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response
                     {
                         var errorResponse =
                             JsonConvert.DeserializeObject<ErrorList>(await resp.Content.ReadAsStringAsync(),
                                 settings);
-                        response = new EnrollmentResponse {RegistrationError = errorResponse, Result = null};
+                        response = new EnrollmentResponse { RegistrationError = errorResponse, Result = null };
                         return response;
                     }
 
                     var registrationResponse =
                         JsonConvert.DeserializeObject<EnrollmentSuccessResponse>(await resp.Content.ReadAsStringAsync(),
                             settings);
-                    response = new EnrollmentResponse {RegistrationError = null, Result = registrationResponse};
+                    response = new EnrollmentResponse { RegistrationError = null, Result = registrationResponse };
                     return response;
                 }
             }
@@ -133,7 +128,7 @@ public async Task<RevokeResponse> SubmitRevokeCertificateAsync(string serialNumb
                     new StringContent(
                         JsonConvert.SerializeObject(revokeRequest), Encoding.ASCII, "application/json")))
                 {
-                    var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore};
+                    var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore };
                     if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response
                     {
                         var errorResponse =
@@ -145,7 +140,7 @@ public async Task<RevokeResponse> SubmitRevokeCertificateAsync(string serialNumb
                     }
 
                     var getRevokeResponse = await resp.Content.ReadAsStringAsync();
-                    response = new RevokeResponse {RegistrationError = null, Result = getRevokeResponse};
+                    response = new RevokeResponse { RegistrationError = null, Result = getRevokeResponse };
                     return response;
                 }
             }
@@ -164,21 +159,21 @@ public async Task<GetCertificateResponse> SubmitGetCertificateAsync(string seria
                 {
                     Logger.Trace(JsonConvert.SerializeObject(resp));
 
-                    var settings = new JsonSerializerSettings {NullValueHandling = NullValueHandling.Ignore};
+                    var settings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore };
                     GetCertificateResponse response;
                     if (resp.StatusCode == HttpStatusCode.BadRequest) //DigiCert Sends Errors back in 400 Json Response
                     {
                         var errorResponse =
                             JsonConvert.DeserializeObject<ErrorList>(await resp.Content.ReadAsStringAsync(),
                                 settings);
-                        response = new GetCertificateResponse {CertificateError = errorResponse, Result = null};
+                        response = new GetCertificateResponse { CertificateError = errorResponse, Result = null };
                         return response;
                     }
 
                     var certificateResponse =
                         JsonConvert.DeserializeObject<CertificateDetails>(await resp.Content.ReadAsStringAsync(),
                             settings);
-                    response = new GetCertificateResponse {CertificateError = null, Result = certificateResponse};
+                    response = new GetCertificateResponse { CertificateError = null, Result = certificateResponse };
                     return response;
                 }
             }
@@ -189,92 +184,40 @@ public async Task<GetCertificateResponse> SubmitGetCertificateAsync(string seria
             }
         }
 
-        public async Task SubmitQueryOrderRequestAsync(BlockingCollection<CertificateSearchResultType> bc,
-            CancellationToken ct,
-            RequestManager requestManager)
+        public SearchCertificateResponseType SubmitQueryOrderRequest(
+            RequestManager requestManager, ProductModel template,int pageCounter)
         {
             Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
             try
             {
-                var itemsProcessed = 0;
-                var isComplete = false;
+                Logger.Trace($"Processing Template {template.ProductID}");
 
-                foreach (var template in Templates.Values)
-                {
-                    Logger.Trace($"Processing Template {template.ProductID}");
-                    var pageCounter = 0;
-                    do
-                    {
-                        var queryOrderRequest =
-                            requestManager.GetSearchCertificatesRequest(pageCounter, template.ProductID);
-                        var batchItemsProcessed = 0;
-
-                        var bind = new BasicHttpsBinding();
-                        bind.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
-                        var ep = new EndpointAddress(EndPointAddress);
-                        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11;
-                        var client = new CertificateManagementOperationsClient(bind, ep);
-                        var cert = new X509Certificate2(ClientCertificateLocation, ClientCertificatePassword);
-                        if (client.ClientCredentials != null)
-                            client.ClientCredentials.ClientCertificate.Certificate = cert;
-
-
-                        var resp = await client.searchCertificateAsync(queryOrderRequest);
+                var queryOrderRequest =
+                    requestManager.GetSearchCertificatesRequest(pageCounter, template.ProductID);
+                XmlSerializer x = new XmlSerializer(queryOrderRequest.GetType());
+                TextWriter tw = new StringWriter();
+                x.Serialize(tw, queryOrderRequest);
+                Logger.Trace($"Raw Search Cert Soap Request {tw}");
 
-                        if (resp.searchCertificateResponse1.certificateCount == 0)
-                            break; //Profile has no certs move on to the next Profile
+                var bind = new BasicHttpsBinding {MaxReceivedMessageSize = 2147483647};
+                bind.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
+                var ep = new EndpointAddress(EndPointAddress);
+                var client = new CertificateManagementOperationsClient(bind, ep);
+                var cert = new X509Certificate2(ClientCertificateLocation, ClientCertificatePassword);
+                if (client.ClientCredentials != null)
+                    client.ClientCredentials.ClientCertificate.Certificate = cert;
 
-                        var batchResponse = resp.searchCertificateResponse1.certificateList;
-                        var batchCount = batchResponse.Length;
+                var resp = client.searchCertificate(queryOrderRequest);
 
-                        Logger.Trace($"Processing {batchCount} items in batch");
-                        do
-                        {
-                            var r = batchResponse[batchItemsProcessed];
-                            if (bc.TryAdd(r, 10, ct))
-                            {
-                                Logger.Trace($"Added Certificate ID {r.serialNumber} to Queue for processing");
-                                batchItemsProcessed++;
-                                itemsProcessed++;
-                                Logger.Trace($"Processed {batchItemsProcessed} of {batchCount}");
-                                Logger.Trace($"Total Items Processed: {itemsProcessed}");
-                            }
-                            else
-                            {
-                                Logger.Trace($"Adding {r} blocked. Retry");
-                            }
-                        } while (batchItemsProcessed < batchCount); //batch loop
-
-
-                        //assume that if we process less records than requested that we have reached the end of the certificate list
-                        if (batchItemsProcessed < PageSize)
-                            isComplete = true;
-                        pageCounter = pageCounter + PageSize;
-                    } while (!isComplete); //page loop
-                }
-
-                bc.CompleteAdding();
-            }
-            catch (OperationCanceledException cancelEx)
-            {
-                Logger.Warn($"Synchronize method was cancelled. Message: {cancelEx.Message}");
-                bc.CompleteAdding();
-                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-                // ReSharper disable once PossibleIntendedRethrow
-                throw cancelEx;
-            }
-            catch (RetryCountExceededException retryEx)
-            {
-                Logger.Error($"Retries Failed: {retryEx.Message}");
                 Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+
+                return resp;
             }
-            catch (HttpRequestException ex)
+            catch (Exception e)
             {
-                Logger.Error($"HttpRequest Failed: {ex.Message}");
-                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+                Logger.Error($"CertificateSearchResultType Error Occurred {e.Message}");
+                throw;
             }
-
-            Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
         }
 
         private HttpClient ConfigureRestClient()
@@ -282,7 +225,7 @@ private HttpClient ConfigureRestClient()
             try
             {
                 var clientHandler = new WebRequestHandler();
-                var returnClient = new HttpClient(clientHandler, true) {BaseAddress = BaseUrl};
+                var returnClient = new HttpClient(clientHandler, true) { BaseAddress = BaseUrl };
                 returnClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                 returnClient.DefaultRequestHeaders.Add("x-api-key", ApiKey);
                 return returnClient;
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap
index 83a23ac..11bda57 100644
--- a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap	
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/Reference.svcmap	
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<ReferenceGroup xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ID="2f0f2fcf-28b6-4523-8f97-ba2a0836b2eb" xmlns="urn:schemas-microsoft-com:xml-wcfservicemap">
+<ReferenceGroup xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ID="ee2a6fff-f525-47c3-b4f8-41b4d4de616b" xmlns="urn:schemas-microsoft-com:xml-wcfservicemap">
   <ClientOptions>
     <GenerateAsynchronousMethods>false</GenerateAsynchronousMethods>
     <GenerateTaskBasedAsynchronousMethod>true</GenerateTaskBasedAsynchronousMethod>
@@ -22,8 +22,8 @@
     <MetadataSource Address="https://pki-ws.symauth.com/pki-ws/certificateManagementService?wsdl" Protocol="http" SourceId="1" />
   </MetadataSources>
   <Metadata>
-    <MetadataFile FileName="certificateManagementService.wsdl" MetadataType="Wsdl" ID="fd6cd88f-37bc-4de8-9541-1f40702891c8" SourceId="1" SourceUrl="https://pki-ws.symauth.com/pki-ws/certificateManagementService?wsdl" />
-    <MetadataFile FileName="certificateManagementService.xsd" MetadataType="Schema" ID="c60f2387-9437-4a42-aba3-c8fbda36281d" SourceId="1" SourceUrl="https://pki-ws.symauth.com/pki-ws/certificateManagementService?xsd=1" />
+    <MetadataFile FileName="certificateManagementService.wsdl" MetadataType="Wsdl" ID="bd48a6f1-6129-4fbc-adf2-de4bcd689470" SourceId="1" SourceUrl="https://pki-ws.symauth.com/pki-ws/certificateManagementService?wsdl" />
+    <MetadataFile FileName="certificateManagementService.xsd" MetadataType="Schema" ID="bd48f35a-2630-49c7-a3aa-5c8219ca93b1" SourceId="1" SourceUrl="https://pki-ws.symauth.com/pki-ws/certificateManagementService?xsd=1" />
   </Metadata>
   <Extensions>
     <ExtensionFile FileName="configuration91.svcinfo" Name="configuration91.svcinfo" />
diff --git a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd
index d59efd6..8fc7dcb 100644
--- a/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd	
+++ b/DigiCertSymCaProxy/Connected Services/DigicertMPKISOAP/certificateManagementService.xsd	
@@ -19,60 +19,9 @@
       <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
     </xs:sequence>
   </xs:complexType>
-  <xs:complexType name="SearchCertificateRequestType">
-    <xs:sequence>
-      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
-      <xs:element minOccurs="0" name="seatId" type="xs:string" />
-      <xs:element minOccurs="0" name="accountId" type="xs:string" />
-      <xs:element minOccurs="0" name="profileOID" type="xs:string" />
-      <xs:element minOccurs="0" name="commonName" type="xs:string" />
-      <xs:element minOccurs="0" name="status" type="tns:CertificateStatusEnum" />
-      <xs:element minOccurs="0" name="emailAddress" type="xs:string" />
-      <xs:element minOccurs="0" name="serialNumber" type="xs:string" />
-      <xs:element minOccurs="0" name="issuingCA" type="xs:base64Binary" />
-      <xs:element minOccurs="0" name="validFrom" type="xs:long" />
-      <xs:element minOccurs="0" name="validTo" type="xs:long" />
-      <xs:element minOccurs="0" name="startIndex" type="xs:int" />
-      <xs:element name="version" type="xs:string" />
-      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
-    </xs:sequence>
-  </xs:complexType>
-  <xs:complexType name="UpdateCertificateStatusRequestType">
-    <xs:sequence>
-      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
-      <xs:element name="version" type="xs:string" />
-      <xs:element minOccurs="0" name="certificateIssuer" type="xs:string" />
-      <xs:element minOccurs="0" name="revocationReason" type="tns:RevokeReasonCodeEnum" />
-      <xs:element minOccurs="0" name="challenge" type="xs:string" />
-      <xs:element minOccurs="0" name="comment" type="xs:string" />
-      <xs:element minOccurs="0" name="certificateSerialNumber" type="xs:string" />
-      <xs:element minOccurs="0" name="seatId" type="xs:string" />
-      <xs:element name="operationType" type="tns:OperationTypeEnum" />
-      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
-    </xs:sequence>
-  </xs:complexType>
-  <xs:complexType name="BulkUpdateCertificateStatusRequestType">
-    <xs:sequence>
-      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
-      <xs:element name="version" type="xs:string" />
-      <xs:element minOccurs="0" name="revocationReason" type="tns:RevokeReasonCodeEnum" />
-      <xs:element minOccurs="0" name="comment" type="xs:string" />
-      <xs:element minOccurs="0" maxOccurs="unbounded" name="certificateSerialNumber" nillable="true" type="xs:string" />
-      <xs:element minOccurs="0" maxOccurs="unbounded" name="seatId" nillable="true" type="xs:string" />
-      <xs:element minOccurs="0" maxOccurs="unbounded" name="profileOID" nillable="true" type="xs:string" />
-      <xs:element name="operationType" type="tns:OperationTypeEnum" />
-      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
-    </xs:sequence>
-  </xs:complexType>
-  <xs:complexType name="BulkUpdateCertificateStatusResponseType">
+  <xs:complexType name="CertificateListType">
     <xs:sequence>
-      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
-      <xs:element minOccurs="0" name="serverTransactionID" type="xs:string" />
-      <xs:element name="version" type="xs:string" />
-      <xs:element name="successCode" type="xs:int" />
-      <xs:element name="successMsg" type="xs:string" />
-      <xs:element name="revocationCount" type="xs:int" />
-      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+      <xs:element maxOccurs="unbounded" name="certificateInformation" type="tns:CertificateSearchResultType" />
     </xs:sequence>
   </xs:complexType>
   <xs:complexType name="CertificateSearchResultType">
@@ -106,9 +55,15 @@
       <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
     </xs:sequence>
   </xs:complexType>
-  <xs:complexType name="CertificateListType">
+  <xs:complexType name="UpdateCertificateStatusResponseType">
     <xs:sequence>
-      <xs:element maxOccurs="unbounded" name="certificateInformation" type="tns:CertificateSearchResultType" />
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="serverTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element name="successCode" type="xs:int" />
+      <xs:element name="successMsg" type="xs:string" />
+      <xs:element name="revocationCount" type="xs:int" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
     </xs:sequence>
   </xs:complexType>
   <xs:complexType name="SearchCertificateResponseType">
@@ -122,7 +77,52 @@
       <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
     </xs:sequence>
   </xs:complexType>
-  <xs:complexType name="UpdateCertificateStatusResponseType">
+  <xs:complexType name="SearchCertificateRequestType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element minOccurs="0" name="seatId" type="xs:string" />
+      <xs:element minOccurs="0" name="accountId" type="xs:string" />
+      <xs:element minOccurs="0" name="profileOID" type="xs:string" />
+      <xs:element minOccurs="0" name="commonName" type="xs:string" />
+      <xs:element minOccurs="0" name="status" type="tns:CertificateStatusEnum" />
+      <xs:element minOccurs="0" name="emailAddress" type="xs:string" />
+      <xs:element minOccurs="0" name="serialNumber" type="xs:string" />
+      <xs:element minOccurs="0" name="issuingCA" type="xs:base64Binary" />
+      <xs:element minOccurs="0" name="validFrom" type="xs:long" />
+      <xs:element minOccurs="0" name="validTo" type="xs:long" />
+      <xs:element minOccurs="0" name="startIndex" type="xs:int" />
+      <xs:element name="version" type="xs:string" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="UpdateCertificateStatusRequestType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element minOccurs="0" name="certificateIssuer" type="xs:string" />
+      <xs:element minOccurs="0" name="revocationReason" type="tns:RevokeReasonCodeEnum" />
+      <xs:element minOccurs="0" name="challenge" type="xs:string" />
+      <xs:element minOccurs="0" name="comment" type="xs:string" />
+      <xs:element minOccurs="0" name="certificateSerialNumber" type="xs:string" />
+      <xs:element minOccurs="0" name="seatId" type="xs:string" />
+      <xs:element name="operationType" type="tns:OperationTypeEnum" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="BulkUpdateCertificateStatusRequestType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
+      <xs:element name="version" type="xs:string" />
+      <xs:element minOccurs="0" name="revocationReason" type="tns:RevokeReasonCodeEnum" />
+      <xs:element minOccurs="0" name="comment" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="certificateSerialNumber" nillable="true" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="seatId" nillable="true" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="profileOID" nillable="true" type="xs:string" />
+      <xs:element name="operationType" type="tns:OperationTypeEnum" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="BulkUpdateCertificateStatusResponseType">
     <xs:sequence>
       <xs:element minOccurs="0" name="clientTransactionID" type="xs:string" />
       <xs:element minOccurs="0" name="serverTransactionID" type="xs:string" />
diff --git a/DigiCertSymCaProxy/DigiCertSymProxy.cs b/DigiCertSymCaProxy/DigiCertSymProxy.cs
index 216ff3e..bb8ada6 100644
--- a/DigiCertSymCaProxy/DigiCertSymProxy.cs
+++ b/DigiCertSymCaProxy/DigiCertSymProxy.cs
@@ -1,183 +1,210 @@
-using System;
-using System.Collections.Concurrent;
-using System.Collections.Generic;
-using System.Net;
-using System.Security.Cryptography.X509Certificates;
-using System.ServiceModel;
-using System.Text;
-using System.Threading;
-using System.Threading.Tasks;
-using CAProxy.AnyGateway;
-using CAProxy.AnyGateway.Interfaces;
-using CAProxy.AnyGateway.Models;
-using CAProxy.Common;
-using CSS.Common.Logging;
-using CSS.PKI;
-using Keyfactor.AnyGateway.DigiCertSym.Client;
-using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
-using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
-using Keyfactor.AnyGateway.DigiCertSym.Interfaces;
-using Newtonsoft.Json;
-
-namespace Keyfactor.AnyGateway.DigiCertSym
-{
-    public class DigiCertSymProxy : BaseCAConnector
-    {
-        private RequestManager _requestManager;
-
-        public DigiCertSymProxy()
-        {
-        }
-
-        private IDigiCertSymClient DigiCertSymClient { get; set; }
-
-
-        public override int Revoke(string caRequestId, string hexSerialNumber, uint revocationReason)
-        {
-            try
-            {
-                Logger.Trace("Staring Revoke Method");
-                var revokeRequest = _requestManager.GetRevokeRequest(revocationReason);
-
-                var revokeResponse =
-                    Task.Run(async () =>
-                            await DigiCertSymClient.SubmitRevokeCertificateAsync(hexSerialNumber, revokeRequest))
-                        .Result;
-
-                Logger.Trace($"Revoke Response JSON: {JsonConvert.SerializeObject(revokeResponse)}");
-
-                var revokeResult = _requestManager.GetRevokeResult(revokeResponse);
-
-                if (revokeResult == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.FAILED))
-                    throw new Exception("Revoke failed");
-
-                return revokeResult;
-            }
-            catch (Exception e)
-            {
-                Logger.Error($"Revoke Error Occurred: {e.Message}");
-                throw;
-            }
-        }
-
-        [Obsolete]
-        public override void Synchronize(ICertificateDataReader certificateDataReader,
-            BlockingCollection<CertificateRecord> blockingBuffer,
-            CertificateAuthoritySyncInfo certificateAuthoritySyncInfo, CancellationToken cancelToken,
-            string logicalName)
-        {
-        }
-
-        public override void Synchronize(ICertificateDataReader certificateDataReader,
-            BlockingCollection<CAConnectorCertificate> blockingBuffer,
-            CertificateAuthoritySyncInfo certificateAuthoritySyncInfo,
-            CancellationToken cancelToken)
-        {
-            try
-            {
-                var certs = new BlockingCollection<CertificateSearchResultType>(100);
-                DigiCertSymClient.SubmitQueryOrderRequestAsync(certs, cancelToken, _requestManager);
-
-                foreach (var currentResponseItem in certs.GetConsumingEnumerable(cancelToken))
-                {
-                    if (cancelToken.IsCancellationRequested)
-                    {
-                        Logger.Error("Synchronize was canceled.");
-                        break;
-                    }
-
-                    try
-                    {
-                        Logger.Trace($"Took Certificate ID {currentResponseItem?.serialNumber} from Queue");
-
-                        if (currentResponseItem != null)
-                        {
-                            var certStatus = _requestManager.MapReturnStatus(currentResponseItem.status);
-
-                            //Keyfactor sync only seems to work when there is a valid cert and I can only get Active valid certs from SSLStore
-                            if (certStatus == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.ISSUED) || certStatus ==
-                                Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.REVOKED))
-                            {
-
-                                blockingBuffer.Add(new CAConnectorCertificate
-                                {
-                                    CARequestID =
-                                        $"{currentResponseItem?.serialNumber}",
-                                    Certificate = Encoding.UTF8.GetString(currentResponseItem?.certificate ?? Array.Empty<byte>()),
-                                    SubmissionDate = Convert.ToDateTime(currentResponseItem?.validFrom),
-                                    Status = certStatus,
-                                    ProductID = $"{currentResponseItem?.profileOID}"
-                                }, cancelToken);
-                            }
-                        }
-                    }
-                    catch (OperationCanceledException)
-                    {
-                        Logger.Error("Synchronize was canceled.");
-                        break;
-                    }
-                }
-            }
-            catch (AggregateException aggEx)
-            {
-                Logger.Error("SslStore Synchronize Task failed!");
-                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-                // ReSharper disable once PossibleIntendedRethrow
-                throw aggEx;
-            }
-
-            Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-        }
-
-        [Obsolete]
-        public override EnrollmentResult Enroll(string csr, string subject, Dictionary<string, string[]> san,
-            EnrollmentProductInfo productInfo,
-            PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType)
-        {
-            return null;
-        }
-
-        public override EnrollmentResult Enroll(ICertificateDataReader certificateDataReader, string csr,
-            string subject, Dictionary<string, string[]> san, EnrollmentProductInfo productInfo,
-            PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType)
-        {
-            Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
-
-            EnrollmentRequest enrollmentRequest;
-            EnrollmentRequest renewRequest;
-
-            try
-            {
-                switch (enrollmentType)
-                {
-                    case RequestUtilities.EnrollmentType.New:
-                        Logger.Trace("Entering New Enrollment");
-                        //If they renewed an expired cert it gets here and this will not be supported
-                        IEnrollmentResponse enrollmentResponse;
-
-                        enrollmentRequest = _requestManager.GetEnrollmentRequest(productInfo, csr, san);
-                        Logger.Trace($"Enrollment Request JSON: {JsonConvert.SerializeObject(enrollmentRequest)}");
-                        enrollmentResponse =
-                            Task.Run(async () => await DigiCertSymClient.SubmitEnrollmentAsync(enrollmentRequest))
-                                .Result;
-
-                        if (enrollmentResponse?.Result == null)
-                            return new EnrollmentResult
-                            {
-                                Status = 30, //failure
-                                StatusMessage =
-                                    $"Enrollment Failed: {_requestManager.FlattenErrors(enrollmentResponse?.RegistrationError.Errors)}"
-                            };
-
-
-                        Logger.Trace($"Enrollment Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}");
-
-                        Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-                        return _requestManager.GetEnrollmentResult(enrollmentResponse);
-                    case RequestUtilities.EnrollmentType.Renew:
-                    case RequestUtilities.EnrollmentType.Reissue:
+using System;
+using System.Collections.Concurrent;
+using System.Collections.Generic;
+using System.IO;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+using System.Xml.Serialization;
+using CAProxy.AnyGateway;
+using CAProxy.AnyGateway.Interfaces;
+using CAProxy.AnyGateway.Models;
+using CAProxy.AnyGateway.Models.Configuration;
+using CAProxy.Common;
+using CSS.Common.Logging;
+using CSS.PKI;
+using Keyfactor.AnyGateway.DigiCertSym.Client;
+using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
+using Keyfactor.AnyGateway.DigiCertSym.Interfaces;
+using Newtonsoft.Json;
+
+namespace Keyfactor.AnyGateway.DigiCertSym
+{
+    public class DigiCertSymProxy : BaseCAConnector
+    {
+        private RequestManager _requestManager;
+
+        private IDigiCertSymClient DigiCertSymClient { get; set; }
+
+        private Dictionary<string, ProductModel> Templates { get; set; }
+
+
+        public override int Revoke(string caRequestId, string hexSerialNumber, uint revocationReason)
+        {
+            try
+            {
+                Logger.Trace("Staring Revoke Method");
+                var revokeRequest = _requestManager.GetRevokeRequest(revocationReason);
+
+                var revokeResponse =
+                    Task.Run(async () =>
+                            await DigiCertSymClient.SubmitRevokeCertificateAsync(hexSerialNumber, revokeRequest))
+                        .Result;
+
+                Logger.Trace($"Revoke Response JSON: {JsonConvert.SerializeObject(revokeResponse)}");
+
+                var revokeResult = _requestManager.GetRevokeResult(revokeResponse);
+
+                if (revokeResult == Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.FAILED))
+                    throw new Exception("Revoke failed");
+
+                return revokeResult;
+            }
+            catch (Exception e)
+            {
+                Logger.Error($"Revoke Error Occurred: {e.Message}");
+                throw;
+            }
+        }
+
+        [Obsolete]
+        public override void Synchronize(ICertificateDataReader certificateDataReader,
+            BlockingCollection<CertificateRecord> blockingBuffer,
+            CertificateAuthoritySyncInfo certificateAuthoritySyncInfo, CancellationToken cancelToken,
+            string logicalName)
+        {
+        }
+
+        public override void Synchronize(ICertificateDataReader certificateDataReader,
+            BlockingCollection<CAConnectorCertificate> blockingBuffer,
+            CertificateAuthoritySyncInfo certificateAuthoritySyncInfo,
+            CancellationToken cancelToken)
+        {
+            try
+            {
+                //Loop through all the Digicert Profile OIDs that are setup in the config file
+                foreach (var productModel in Templates.Values)
+                {
+
+                    var pageCounter = 0;
+                    var pageSize = 50;
+                    var result = DigiCertSymClient.SubmitQueryOrderRequest(_requestManager, productModel, pageCounter);
+                    var totalResults = result.certificateCount;
+                    var totalPages = (totalResults + pageSize-1)/pageSize;
+
+                    Logger.Trace($"Product Model {productModel} Total Results {totalResults}, Total Pages {totalPages}");
+
+                    if (result.certificateCount > 0)
+                    {
+                        for (var i = 0; i < totalPages; i++)
+                        {
+                            //If you need multiple pages make the request again
+                            if (pageCounter > 0)
+                            {
+                                result = DigiCertSymClient.SubmitQueryOrderRequest(_requestManager, productModel,
+                                    pageCounter);
+                            }
+
+                            XmlSerializer x = new XmlSerializer(result.GetType());
+                            TextWriter tw = new StringWriter();
+                            x.Serialize(tw, result);
+                            Logger.Trace($"Raw Search Cert Soap Response {tw}");
+
+                            foreach (var currentResponseItem in result.certificateList)
+                            {
+                                try
+                                {
+                                    Logger.Trace($"Took Certificate ID {currentResponseItem?.serialNumber} from Queue");
+
+                                    if (currentResponseItem != null)
+                                    {
+                                        var certStatus = _requestManager.MapReturnStatus(currentResponseItem.status);
+                                        Logger.Trace($"Certificate Status {certStatus}");
+                                        
+                                        DateTime dateTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
+
+                                        //Keyfactor sync only seems to work when there is a valid cert and I can only get Active valid certs from SSLStore
+                                        if (certStatus ==
+                                            Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.ISSUED) ||
+                                            certStatus ==
+                                            Convert.ToInt32(PKIConstants.Microsoft.RequestDisposition.REVOKED))
+                                        {
+                                            
+                                            blockingBuffer.Add(new CAConnectorCertificate
+                                            {
+                                                CARequestID =
+                                                    $"{currentResponseItem.serialNumber}",
+                                                Certificate = Encoding.UTF8.GetString(currentResponseItem.certificate ??
+                                                    Array.Empty<byte>()),
+                                                SubmissionDate = dateTime.AddSeconds(currentResponseItem.validFrom)
+                                                    .ToLocalTime(),
+                                                Status = certStatus,
+                                                ProductID = $"{currentResponseItem.profileOID}"
+                                            }, cancelToken);
+                                        }
+                                    }
+                                }
+                                catch (OperationCanceledException e)
+                                {
+                                    Logger.Error($"Synchronize was canceled. {e.Message}");
+                                    break;
+                                }
+                            }
+                            pageCounter += pageSize;
+                        }
+                    }
+                }
+            }
+            catch (AggregateException aggEx)
+            {
+                Logger.Error("Digicert mPKI Synchronize Task failed!");
+                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+                // ReSharper disable once PossibleIntendedRethrow
+                throw aggEx;
+            }
+
+            Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+        }
+
+        [Obsolete]
+        public override EnrollmentResult Enroll(string csr, string subject, Dictionary<string, string[]> san,
+            EnrollmentProductInfo productInfo,
+            PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType)
+        {
+            return null;
+        }
+
+        public override EnrollmentResult Enroll(ICertificateDataReader certificateDataReader, string csr,
+            string subject, Dictionary<string, string[]> san, EnrollmentProductInfo productInfo,
+            PKIConstants.X509.RequestFormat requestFormat, RequestUtilities.EnrollmentType enrollmentType)
+        {
+            Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
+
+            EnrollmentRequest enrollmentRequest;
+            EnrollmentRequest renewRequest;
+
+            try
+            {
+                switch (enrollmentType)
+                {
+                    case RequestUtilities.EnrollmentType.New:
+                        Logger.Trace("Entering New Enrollment");
+                        //If they renewed an expired cert it gets here and this will not be supported
+                        IEnrollmentResponse enrollmentResponse;
+
+                        enrollmentRequest = _requestManager.GetEnrollmentRequest(productInfo, csr, san);
+                        Logger.Trace($"Enrollment Request JSON: {JsonConvert.SerializeObject(enrollmentRequest)}");
+                        enrollmentResponse =
+                            Task.Run(async () => await DigiCertSymClient.SubmitEnrollmentAsync(enrollmentRequest))
+                                .Result;
+
+                        if (enrollmentResponse?.Result == null)
+                            return new EnrollmentResult
+                            {
+                                Status = 30, //failure
+                                StatusMessage =
+                                    $"Enrollment Failed: {_requestManager.FlattenErrors(enrollmentResponse?.RegistrationError.Errors)}"
+                            };
+
+
+                        Logger.Trace($"Enrollment Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}");
+
+                        Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+                        return _requestManager.GetEnrollmentResult(enrollmentResponse);
+                    case RequestUtilities.EnrollmentType.Renew:
+                    case RequestUtilities.EnrollmentType.Reissue:
                         Logger.Trace("Entering Renew Enrollment");
-                        Logger.Trace("Checking To Make sure it is not one click renew (not supported)");
+                        Logger.Trace("Checking To Make sure it is not one click renew (not supported)");
                         //KeyFactor needs a better way to detect one click renewals, some flag or something
                         if (productInfo.ProductParameters.Count > 7)
                         {
@@ -196,10 +223,10 @@ await DigiCertSymClient.SubmitRenewalAsync(priorCertSn, renewRequest))
                                     StatusMessage =
                                         $"Enrollment Failed {_requestManager.FlattenErrors(renewResponse?.RegistrationError.Errors)}"
                                 };
-                            
+
                             Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-                            return _requestManager.GetRenewResponse(renewResponse);
-                        }
+                            return _requestManager.GetRenewResponse(renewResponse);
+                        }
                         else
                         {
                             return new EnrollmentResult
@@ -208,84 +235,85 @@ await DigiCertSymClient.SubmitRenewalAsync(priorCertSn, renewRequest))
                                 StatusMessage =
                                 "One Click Renew is not available for this integration.  Need to specify validity and seat enrollment params."
                             };
-                        }
-
-                }
-
-                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-                return null;
-            }
-            catch (Exception e)
-            {
-                Logger.Error($"Enrollment Error Occurred: {e.Message}");
-                throw;
-            }
-        }
-
-
-        public override CAConnectorCertificate GetSingleRecord(string caRequestId)
-        {
-            try
-            {
-                Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
-                var keyfactorCaId = caRequestId;
-                Logger.Trace($"Keyfactor Ca Id: {keyfactorCaId}");
-                var certificateResponse =
-                    Task.Run(async () => await DigiCertSymClient.SubmitGetCertificateAsync(keyfactorCaId))
-                        .Result;
-
-                Logger.Trace($"Single Cert JSON: {JsonConvert.SerializeObject(certificateResponse)}");
-                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-                return new CAConnectorCertificate
-                {
-                    CARequestID = keyfactorCaId,
-                    Certificate = certificateResponse.Result.Certificate,
-                    Status = _requestManager.MapReturnStatus(certificateResponse.Result.Status),
-                    SubmissionDate = Convert.ToDateTime(certificateResponse.Result.ValidFrom)
-                };
-            }
-            catch (Exception e)
-            {
-                Logger.Error($"GetSingleRecord Error Occurred: {e.Message}");
-                throw;
-            }
-        }
-
-        public override void Initialize(ICAConnectorConfigProvider configProvider)
-        {
-            try
-            {
-                Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
-                var config = (CAConfig)configProvider;
-                _requestManager = new RequestManager
-                {
-                    
-                    DnsConstantName = configProvider.CAConnectionData["DnsConstantName"].ToString(),
-                    UpnConstantName = configProvider.CAConnectionData["UpnConstantName"].ToString(),
-                    IpConstantName = configProvider.CAConnectionData["IpConstantName"].ToString(),
-                    EmailConstantName = configProvider.CAConnectionData["EmailConstantName"].ToString()
-                };
-                DigiCertSymClient = new DigiCertSymClient(config);
-                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
-            }
-            catch (Exception e)
-            {
-                Logger.Error($"Initialize Error Occurred: {e.Message}");
-                throw;
-            }
-        }
-
-        public override void Ping()
-        {
-        }
-
-        public override void ValidateCAConnectionInfo(Dictionary<string, object> connectionInfo)
-        {
-        }
-
-        public override void ValidateProductInfo(EnrollmentProductInfo productInfo,
-            Dictionary<string, object> connectionInfo)
-        {
-        }
-    }
+                        }
+
+                }
+
+                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+                return null;
+            }
+            catch (Exception e)
+            {
+                Logger.Error($"Enrollment Error Occurred: {e.Message}");
+                throw;
+            }
+        }
+
+
+        public override CAConnectorCertificate GetSingleRecord(string caRequestId)
+        {
+            try
+            {
+                Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
+                var keyfactorCaId = caRequestId;
+                Logger.Trace($"Keyfactor Ca Id: {keyfactorCaId}");
+                var certificateResponse =
+                    Task.Run(async () => await DigiCertSymClient.SubmitGetCertificateAsync(keyfactorCaId))
+                        .Result;
+
+                Logger.Trace($"Single Cert JSON: {JsonConvert.SerializeObject(certificateResponse)}");
+                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+                return new CAConnectorCertificate
+                {
+                    CARequestID = keyfactorCaId,
+                    Certificate = certificateResponse.Result.Certificate,
+                    Status = _requestManager.MapReturnStatus(certificateResponse.Result.Status),
+                    SubmissionDate = Convert.ToDateTime(certificateResponse.Result.ValidFrom)
+                };
+            }
+            catch (Exception e)
+            {
+                Logger.Error($"GetSingleRecord Error Occurred: {e.Message}");
+                throw;
+            }
+        }
+
+        public override void Initialize(ICAConnectorConfigProvider configProvider)
+        {
+            try
+            {
+                Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
+                var config = (CAConfig)configProvider;
+                _requestManager = new RequestManager
+                {
+
+                    DnsConstantName = configProvider.CAConnectionData["DnsConstantName"].ToString(),
+                    UpnConstantName = configProvider.CAConnectionData["UpnConstantName"].ToString(),
+                    IpConstantName = configProvider.CAConnectionData["IpConstantName"].ToString(),
+                    EmailConstantName = configProvider.CAConnectionData["EmailConstantName"].ToString()
+                };
+                DigiCertSymClient = new DigiCertSymClient(config);
+                Templates = config.Config.Templates;
+                Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
+            }
+            catch (Exception e)
+            {
+                Logger.Error($"Initialize Error Occurred: {e.Message}");
+                throw;
+            }
+        }
+
+        public override void Ping()
+        {
+        }
+
+        public override void ValidateCAConnectionInfo(Dictionary<string, object> connectionInfo)
+        {
+        }
+
+        public override void ValidateProductInfo(EnrollmentProductInfo productInfo,
+            Dictionary<string, object> connectionInfo)
+        {
+        }
+    }
 }
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs b/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs
index aa5877f..61195bb 100644
--- a/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs
+++ b/DigiCertSymCaProxy/Interfaces/IDigiCertSymClient.cs
@@ -1,6 +1,7 @@
 using System.Collections.Concurrent;
 using System.Threading;
 using System.Threading.Tasks;
+using CAProxy.AnyGateway.Models.Configuration;
 using Keyfactor.AnyGateway.DigiCertSym.Client.Models;
 using Keyfactor.AnyGateway.DigiCertSym.DigicertMPKISOAP;
 
@@ -18,7 +19,7 @@ Task<EnrollmentResponse> SubmitRenewalAsync(string serialNumber,
 
         Task<GetCertificateResponse> SubmitGetCertificateAsync(string serialNumber);
 
-        Task SubmitQueryOrderRequestAsync(BlockingCollection<CertificateSearchResultType> bc, CancellationToken ct,
-            RequestManager requestManager);
+        SearchCertificateResponseType SubmitQueryOrderRequest(
+            RequestManager requestManager, ProductModel template, int pageCounter);
     }
 }
\ No newline at end of file
diff --git a/DigiCertSymCaProxy/RequestManager.cs b/DigiCertSymCaProxy/RequestManager.cs
index 2a66615..7062fbb 100644
--- a/DigiCertSymCaProxy/RequestManager.cs
+++ b/DigiCertSymCaProxy/RequestManager.cs
@@ -180,7 +180,7 @@ public SearchCertificateRequestType GetSearchCertificatesRequest(int pageCounter
                 {
                     profileOID = templateId,
                     startIndex= pageCounter,
-                    
+                    startIndexSpecified=true,
                     version = "1.0"
             };
             }
@@ -441,7 +441,7 @@ internal string FlattenErrors(List<ErrorResponse> errors)
             {
                 Logger.Debug("Entering in FlattenErrors(List<ErrorResponse> errors) Method...");
                 var errorMessage = string.Empty;
-                foreach (var error in errors) errorMessage += "Code: " + error.Code + " Message: " + error.Message + "Field Name: " + error?.Field + "\n";
+                foreach (var error in errors) errorMessage += "Code: " + error.Code + " Message: " + error.Message + "Field Name: " + error.Field + "\n";
                 Logger.Debug("Exiting in FlattenErrors(List<ErrorResponse> errors) Method...");
                 return errorMessage;
             }

From e6b1ea81e29aba3b9b133606cbc97fe9478e9e7f Mon Sep 17 00:00:00 2001
From: Brian Hill <bhill@keyfactor.com>
Date: Fri, 21 Jan 2022 15:09:06 -0500
Subject: [PATCH 3/4] documentation updates for soap inventory

---
 README.md.tpl     | 47 +++++++++++++++++++++++++++++++++++++++--------
 SampleConfig.json |  9 ++++++---
 2 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/README.md.tpl b/README.md.tpl
index 9dd2beb..9acca88 100644
--- a/README.md.tpl
+++ b/README.md.tpl
@@ -130,7 +130,11 @@ the CA.  Without the imported configuration, the service will fail to start.
 4) **KeyfactorApiPassword** - Password for user in Keyfactor with access to Keyfactor API for REST API Calls to Keyfactor
 5) **KeyfactorApiUrl** - URL for Keyfactor API for REST API Calls to Keyfactor
 6) **SeatList** - Comma Separated list of Seats to inventory for the Gateway inventory process
-7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup.
+7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup.  Try the default values first and they can be adjusted if errors occur.
+8) **ClientCertificateLocation** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section.  This is the location of the pfx to use for the client certificate.
+9) **ClientCertificatePassword** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section.  This is the password for the PFX file to use for the client certificate.
+8) **EndpointAddress** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section.  This is endpoint address for the SOAP API.  You will want a differnt value than the test version in production.
+
 ```
 	"CAConnection": {
 		"DigiCertSymUrl": "https://pki-ws-rest.symauth.com/mpki/api/v1",
@@ -138,16 +142,16 @@ the CA.  Without the imported configuration, the service will fail to start.
 		"KeyfactorApiUserId": "Keyfactor\\Administrator",
 		"KeyfactorApiPassword": "Password1",
 		"KeyfactorApiUrl": "https://kftrain.keyfactor.lab/KeyfactorAPI",
-		"SeatList": "Keyfactor Portal,www.boingy.com",
-	        "DnsConstantName":"dnsName",
-	        "UpnConstantName":"otherNameUPN",
-	        "IpConstantName":"san_ipAddress",
-	        "EmailConstantName":"mail_email"
+		"DnsConstantName": "dnsName",
+		"UpnConstantName": "otherNameUPN",
+		"IpConstantName": "san_ipAddress",
+		"EmailConstantName": "mail_email",
+		"ClientCertificateLocation": "C:\\Program Files\\Keyfactor\\Keyfactor AnyGateway\\KeyfactorMPki.pfx",
+		"ClientCertificatePassword": "SomePassword!",
+		"EndpointAddress": "https://pki-ws.symauth.com/pki-ws/certificateManagementService"
 	}
 ```
 
-
-
 - **Template Settings**
 1) **ProductID** - OID for profile generated in Digicert mPKI
 2) **EnrollmentTemplate** - Template JSON used to generate a enrollment request explained later in this document
@@ -240,6 +244,33 @@ Enrollment Format Specifications Located [here](https://pki-ws-rest.symauth.com/
 
 1) **Command Server** - Install a tempate into Active Directory to match each profile that you want to integrate with in DigiCertSym mPKI
 
+### SOAP Inventory Setup
+
+The Digicert mPKI REST API does not support inventory so the SOAP API is required to inventory all of the certs for the profiles listed in config.json file.
+In order to use the SOAP API, you need a client certificate from the Digicert mPKI Portal.  The steps to obtain a certfificate are outlined in the documentation
+listed [here](https://knowledge.digicert.com/content/dam/digicertknowledgebase/attachments/pki-platform/soap-api-client-package/pki-web-services-developers-guide.pdf).
+
+1) Follow the instructions in section 2.6.1 of the above document.
+2) Export the keystore to a PFX file with a similar command that is listed below:
+```keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki3.pfx -deststoretype PKCS12```
+3) Import the PFX Certificate to the computer it was generated on.
+4) Export the PFX to a file from that same machine's certificate store and copy it to the same directory where the config.json is located.
+
+Sample Commands for a Test Envrionment are below:
+```
+keytool -genkey -alias pki_ra -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "CN=pki_ra" -keypass SomePassword -keystore KeyfactorMPki3 -storepass SomePassword
+
+keytool -certreq -alias pki_ra -sigalg SHA256withRSA -file pki_raCSR.req -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -import -alias pki_ra -file cert.p7b -noprompt -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -import -trustcacerts -alias pki_ca -file SYMC_Test_Drive_RA_Intermediate_CA.cer -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -import -trustcacerts -alias root -file SYMC_Managed_PKI_Infrastructure_Test_Drive_Root.cer -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki2.pfx -deststoretype PKCS12
+```
+
 ### Certificate Authority Installation
 1) **Gateway Server** - Start the Keyfactor Gateway Service
 2) Run the set Gateway command similar to below
diff --git a/SampleConfig.json b/SampleConfig.json
index 5824ca9..eabb3c5 100644
--- a/SampleConfig.json
+++ b/SampleConfig.json
@@ -25,11 +25,14 @@
 		"KeyfactorApiUserId": "Keyfactor\\Administrator",
 		"KeyfactorApiPassword": "Password1",
 		"KeyfactorApiUrl": "https://kftrain.keyfactor.lab/KeyfactorAPI",
-		"SeatList": "Keyfactor Portal,www.boingy.com",
+		"SeatList": "NonExistingKey,Key2,Keyfactor Portal,www.wakko.com",
 		"DnsConstantName": "dnsName",
 		"UpnConstantName": "otherNameUPN",
 		"IpConstantName": "san_ipAddress",
-		"EmailConstantName": "mail_email"
+		"EmailConstantName": "mail_email",
+		"ClientCertificateLocation": "C:\\Program Files\\Keyfactor\\Keyfactor AnyGateway\\KeyfactorMPki.pfx",
+		"ClientCertificatePassword": "SomePassword",
+		"EndpointAddress": "https://pki-ws.symauth.com/pki-ws/certificateManagementService"
 	},
 	"Templates": {
 		"Microsoft Wi-Fi (Test Drive)": {
@@ -65,4 +68,4 @@
 		"FullScanPeriodHours": 1,
 		"PartialScanPeriodMinutes": 1
 	}
-}
+}
\ No newline at end of file

From e7834a51b13f224199c5c05ca5915c5667b2a238 Mon Sep 17 00:00:00 2001
From: Keyfactor <keyfactor@keyfactor.github.io>
Date: Fri, 21 Jan 2022 20:09:37 +0000
Subject: [PATCH 4/4] Update generated README

---
 README.md | 47 +++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 39 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index 82f6a56..8bb6bc4 100644
--- a/README.md
+++ b/README.md
@@ -130,7 +130,11 @@ the CA.  Without the imported configuration, the service will fail to start.
 4) **KeyfactorApiPassword** - Password for user in Keyfactor with access to Keyfactor API for REST API Calls to Keyfactor
 5) **KeyfactorApiUrl** - URL for Keyfactor API for REST API Calls to Keyfactor
 6) **SeatList** - Comma Separated list of Seats to inventory for the Gateway inventory process
-7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup.
+7) **ConstantNames** - These were made configurable because the digicert API expects these to be named differently depending on the setup.  Try the default values first and they can be adjusted if errors occur.
+8) **ClientCertificateLocation** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section.  This is the location of the pfx to use for the client certificate.
+9) **ClientCertificatePassword** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section.  This is the password for the PFX file to use for the client certificate.
+8) **EndpointAddress** - This is for the SOAP Inventory as explained in the SOAP Inventory Setup section.  This is endpoint address for the SOAP API.  You will want a differnt value than the test version in production.
+
 ```
 	"CAConnection": {
 		"DigiCertSymUrl": "https://pki-ws-rest.symauth.com/mpki/api/v1",
@@ -138,16 +142,16 @@ the CA.  Without the imported configuration, the service will fail to start.
 		"KeyfactorApiUserId": "Keyfactor\\Administrator",
 		"KeyfactorApiPassword": "Password1",
 		"KeyfactorApiUrl": "https://kftrain.keyfactor.lab/KeyfactorAPI",
-		"SeatList": "Keyfactor Portal,www.boingy.com",
-	        "DnsConstantName":"dnsName",
-	        "UpnConstantName":"otherNameUPN",
-	        "IpConstantName":"san_ipAddress",
-	        "EmailConstantName":"mail_email"
+		"DnsConstantName": "dnsName",
+		"UpnConstantName": "otherNameUPN",
+		"IpConstantName": "san_ipAddress",
+		"EmailConstantName": "mail_email",
+		"ClientCertificateLocation": "C:\\Program Files\\Keyfactor\\Keyfactor AnyGateway\\KeyfactorMPki.pfx",
+		"ClientCertificatePassword": "SomePassword!",
+		"EndpointAddress": "https://pki-ws.symauth.com/pki-ws/certificateManagementService"
 	}
 ```
 
-
-
 - **Template Settings**
 1) **ProductID** - OID for profile generated in Digicert mPKI
 2) **EnrollmentTemplate** - Template JSON used to generate a enrollment request explained later in this document
@@ -240,6 +244,33 @@ Enrollment Format Specifications Located [here](https://pki-ws-rest.symauth.com/
 
 1) **Command Server** - Install a tempate into Active Directory to match each profile that you want to integrate with in DigiCertSym mPKI
 
+### SOAP Inventory Setup
+
+The Digicert mPKI REST API does not support inventory so the SOAP API is required to inventory all of the certs for the profiles listed in config.json file.
+In order to use the SOAP API, you need a client certificate from the Digicert mPKI Portal.  The steps to obtain a certfificate are outlined in the documentation
+listed [here](https://knowledge.digicert.com/content/dam/digicertknowledgebase/attachments/pki-platform/soap-api-client-package/pki-web-services-developers-guide.pdf).
+
+1) Follow the instructions in section 2.6.1 of the above document.
+2) Export the keystore to a PFX file with a similar command that is listed below:
+```keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki3.pfx -deststoretype PKCS12```
+3) Import the PFX Certificate to the computer it was generated on.
+4) Export the PFX to a file from that same machine's certificate store and copy it to the same directory where the config.json is located.
+
+Sample Commands for a Test Envrionment are below:
+```
+keytool -genkey -alias pki_ra -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "CN=pki_ra" -keypass SomePassword -keystore KeyfactorMPki3 -storepass SomePassword
+
+keytool -certreq -alias pki_ra -sigalg SHA256withRSA -file pki_raCSR.req -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -import -alias pki_ra -file cert.p7b -noprompt -keypass SomePassword -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -import -trustcacerts -alias pki_ca -file SYMC_Test_Drive_RA_Intermediate_CA.cer -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -import -trustcacerts -alias root -file SYMC_Managed_PKI_Infrastructure_Test_Drive_Root.cer -keystore KeyfactorMPki2 -storepass SomePassword
+
+keytool -importkeystore -srckeystore KeyfactorMPki.jks -srcstoretype JKS -destkeystore KeyfactorMPki2.pfx -deststoretype PKCS12
+```
+
 ### Certificate Authority Installation
 1) **Gateway Server** - Start the Keyfactor Gateway Service
 2) Run the set Gateway command similar to below