Certificate Inventory and Management and Request "types" (Manual/Automatic)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2025 02:45 AM
Hi everyone,
Our Certificate Inventory and Management system offers two distinct request "types": one for automatic certificate issuance and another for manual issuance.
My question is: Why the separation, and how can we simplify this for our end-users?
In most cases, the requestor isn't aware of the underlying infrastructure. We operate multiple PKIs across various domains (external, internal, production, development, etc.). Some of these PKIs support automatic issuance, while others require manual intervention.
Is there a way to use a single request form for the end-user that can accommodate both manual and automatic issuance, without heavily modifying the out-of-the-box automatic request workflow?
Any insights or suggestions would be greatly appreciated!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2025 03:48 AM
Hello @Tone1,
-
Automation:Automatic issuance streamlines the process for common, well-defined certificate requests, saving time and resources.
-
Manual Review:Manual issuance allows for handling unique or complex cases, ensuring compliance with specific requirements or policies that cannot be automated.
-
Different Infrastructures:Different KPIs (Key Performance Indicators) and domains might have varying infrastructure requirements and security protocols, necessitating different issuance processes.
-
1. Collect Information:Gather all necessary information for certificate requests (e.g., domain name, purpose, validity period).
-
2. Automated Logic:Utilize the collected information to determine if the request can be automatically fulfilled based on predefined rules and configurations.
-
3. Conditional Fields:For requests requiring manual review, display additional fields or information requests as needed, potentially triggered by specific selections within the initial form.
-
4. Hidden Logic:The system can handle the underlying logic of whether to trigger automatic or manual workflows, keeping the process transparent to the end-user.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2025 05:09 AM - edited 06-23-2025 05:10 AM
Hi Abbas, sorry but your input is not really helpfull.
All the automatisation in your example is handled via routing policies, but in the end the enduser have to decide if he needs a manual issued certificate or an automated, because those are two different request OOTB. Why there is no routing policy to route a request to a manual cert task is beyond me, that i can build a request around this issue myself, i know, but i dont want to and aim to keep as close to OOTB as possible.
But maybe i'm wrong in my assuption and somebody with more inside into the technical aspects of cert mgmt can help.