// SSL http://www.incommon.org/cert/repository/InCommon_CM_SSL_Web_Service_API.pdf
// see also FAQ and samples at https://spaces.internet2.edu/display/InCCollaborate/Certificate+API+References

// Add Web Reference to https://cert-manager.com/ws/EPKIManagerSSL?wsdl
// Name: com.cert_managerSSL
com.cert_managerSSL.EPKIManagerSSLService sslService = new com.cert_managerSSL.EPKIManagerSSLService();
//sslService.Url = "https://cert-manager.com/ws/EPKIManagerSSL";

//string webServiceInfo = sslService.getWebServiceInfo();

com.cert_managerSSL.authData sslAuthData = new com.cert_managerSSL.authData();
sslAuthData.customerLoginUri = "InCommon"; // This must be "InCommon"--it is not a URI.
sslAuthData.login = "YOUR LOGIN NAME"; // login and password are same as at CM: https://cert-manager.com/customer/InCommon
sslAuthData.password = Password.Text;

int orgId = 123;       // from CM UI: Settings, Orgs, Departments, Edit, SSL, check Web API, then see ID
string secretKey = "YOUR KEY"; // from CM UI: Settings, Orgs, Departments, Edit, SSL, Secret Key

// csr came from server.csr:
// openssl req -nodes -md5 -newkey rsa:2048 -keyout server.key -out server.csr
string csr = @"-----BEGIN CERTIFICATE REQUEST-----
MIIC ...
-----END CERTIFICATE REQUEST-----
";

string revocationPhrase = "YOUR PHRASE HERE";
string subjAltNames = "san1.example.edu,san2.example.edu"; // comma delimited

com.cert_managerSSL.customerCertTypeResponse certTypesResponse = new com.cert_managerSSL.customerCertTypeResponse();
certTypesResponse = sslService.getCustomerCertTypes(sslAuthData);
com.cert_managerSSL.customerCertType certType = certTypesResponse.types[0];
//certType = new com.cert_managerSSL.customerCertType();
//certType.id = 1798;

int numberServers = 0; // not sure what this is for
int serverType = 2; // Apache. see http://www.incommon.org/cert/repository/InCommon_CM_SSL_Web_Service_API.pdf#page=7
int term = 1; // year(s)
string comments = "no comment";

int returnStatus;
bool returnSpecified;

sslService.enroll(sslAuthData, orgId, true, secretKey, csr, revocationPhrase, subjAltNames, certType,
    numberServers, false, serverType, true, term, true, comments, out returnStatus, out returnSpecified);
if (returnStatus < 0)
{
    CertLabel.Text = "Error: " + returnStatus.ToString();
}
else
{
    int certId = returnStatus; // e.g. 12345
    CertLabel.Text = "Cert ID: " + certId.ToString();

    sslService.getCollectStatus(sslAuthData, certId, true, out returnStatus, out returnSpecified);
    CertLabel.Text = "Status: " + returnStatus.ToString();
}