DigiCert certificate Discovery issue

AbdulRahim Shai
Tera Expert

‎05-24-2023 03:44 AM

Hello Community,

 

I have set up DigiCert discovery to scan for certificates but it's giving below error. 

 

"status" : "GRACEFUL_TERMINATION",
"message" : "Certificate List is Empty - Please check Credentials and Configurations (ca_api_url, ca_api_version, include_cert_status) Failed Condition(s): [(${certificate} : value=) IS NOT EMPTY ]",
"log" :

 

When I tried to debug it looks like I am not able to make a query to   "/services/v2/order/certificate" As a result it's returning empty results and failing 

 

Does anyone experience a similar issue? is this happening because of a restriction to the API key? Currently, its view only ie only get request is allowed.  requesting some help. 

 

Thanks,

AbdulRahim

 

 

 

 

 

0 Helpfuls
  • 3,242 Views
21 REPLIES 21

MattSN
Mega Sage
Mega Sage
In response to Amanda35

‎06-09-2023 10:04 AM

For Permissions in Digicert, if you're using their GUI to set it up, the account needs "View Only", Standard user and do not check off "limit to place and managing their own orders"

 

Something to check in the config. Make sure on your Serverless Execution Pattern, the credentialsAlias value is set to sn_disco_certmgmt.Digicert.

Amanda35
Tera Contributor
In response to MattSN

‎06-09-2023 11:45 AM

Thanks @MattSN, that helped a lot! The issue was in our credentialsAlias value, I've updated that and it seems to be working now!

0 Helpfuls

Suresh K1
Tera Contributor
In response to MattSN

‎04-30-2024 08:40 PM

In the Serverless Execution Pattern, I did not set the credentialsAlias value  to sn_disco_certmgmt.Digicert.

It worked for me like magic after setting this value.
Thanks MattSN

 

Regards
Suresh

0 Helpfuls

bhupellygopi95
Tera Contributor
In response to MattSN

‎09-18-2024 01:57 AM

Thanks @MattSN, this worked like charm. Appreciate it

0 Helpfuls

shikhasingh
Tera Contributor
In response to MattSN

‎10-07-2024 09:33 PM

@MattSN I am trying to run digicert discovery and getting error as 

Identification Engine: Discovery status is FAILURE, Required attribute fingerprint is missing for CI Type cmdb_ci_certificate

 I tried running script mentioned by you and getting error 

*** Script: Status code is 403
*** Script: Response is null

Applied solution as mentioned in the above KB article , still no luck.

 

Checked for credentialsAlias value that is also set to sn_disco_certmgmt.Digicert.

 

Any help will be appreciated

 

 

 

0 Helpfuls