Certificate Provisioning with Notification

This workflow allows you to create a certificate based on the certificate group and the policy associated with it, and push to a device available in the instance. Email approval is required for certificate creation as well as pushing it to the device. Once approved, the logged in user will receive an email informing them about the Push to Device Status of the certificate.

To trigger this workflow:

  1. From the Certificate Lifecycle Automation catalog, under the Enrollment category, hover your mouse over the Certificate Provisioning with Notification workflow and click .
    The workflow execution page is displayed with the workflow inputs requested at the first stage.
  2. Under the CA Details section, select the requested field information as described in the table below.
    Table 1. Field description for CA Details section
    Field Description
    *Certificate Group Select the Certificate Group from the options available in the dropdown.
    *Certificate Authority Select the Certificate Authority from the available options:
    • DigiCert
    • Entrust
    • EJBCA
    • Microsoft Enterprise
    • AppViewX
    Note: This field is populated based on the selected Certificate Group.
    CA Account Select the CA Account from the options available in the dropdown.
    Note: This field is populated based on the CAselected .
    All asterisk (*) marked fields are mandatory.
  3. Under the CSR Parameters section, enter or select the requested field information as described in the table below.
    Table 2. Field description for CSR Parameters section
    Field Description
    *Common Name Enter the Fully Qualified Domain Name (FQDN) of the server for which certificate is requested.
    Subject Alternative Type Select the Subject Alternative Type from the available options:
    • DNS
    • IP Address
    Subject Alternative Name Enter a valid Subject Alternative Name.
    All Asterisk (*) marked fields are mandatory.
  4. Under the Device Information section, enter or select the requested field information as described in the table below.
    Table 3. Field description for Device Information section
    Field Description
    *Device Type Select the Device Type from the options available in the dropdown.
    *Vendor Select the Vendor from the options available in the dropdown.
    Note: The vendor list is populated based on the Device Type selected.
    *Device Select the Device from the options available in the dropdown.
    Note: The device list is populated based on the Vendor selected.
    Linux Actions Select the Linux Action from the options available in the dropdown.
    Note: This field is displayed only when you select Linux Server in the Vendor field.
    *Profile/Application Select the Profile/Application from the options available in the dropdown.
    Note: The Profile/Application list is populated based on the Device selected.
    *KDB Password Configure a password to access the KDB file.
    Note: This field is displayed only when you select Default in the Linux Actions field.
    *Push to Devices Add the selected profile/application to the grid as described below the table.
    All asterisk (*) marked fields are mandatory.
  5. To add the selected profile/application to the grid, click .
    The Profile/Application is added to the Push to Devices grid.
    Note: If you select multiple profiles/applications, they will be displayed in the Push to Devices grid, under the Profiles/Applications column as comma separated values.
    Table 4. Actions available in the Push to Devices grid
    Action Description
    Allows you to edit the device details. You can do this by selecting the attribute in the grid, click , enter the new value for the attribute, and click again.
    Allows you to delete a profile/application.
    Allows you to maximize the Push to Devices grid.
    Search bar Allows you to search for a profile/application in the grid.
  6. Under the Email section, enter the field information as described in the table below.
    Table 5. Field description for Email section
    Field Description
    *Certificate Approver Email ID Enter the email address or multiple addresses, separated by comma, of the user(s) approving the certificate creation request.
    *Certificate Push Approver Email ID Enter the email address of the user who will approve the certificate push request.
    All Asterisk (*) marked fields are mandatory.
  7. Click Submit.
    The workflow is executed successfully.
  8. At the View | Edit Certificate Details stage, click Submit.
    Email notification for Create Certificate approval is received.
  9. Click Approve or Reject in the Approval for Creating Certificate email.
    Certificate is created after the approver clicks Approve.
  10. To download the certificate, at the View | Download Certificate stage, hover your mouse over , and from the options displayed, click Download Certificate.
  11. Hover your mouse over to view the Certificate status.
  12. Click Approve or Reject in the Approval for Pushing Certificate to Device email.
    Once the approver approves the request, the certificate is pushed to the selected device and an email notification is also sent to the requester.