This section explains the details to configure certificate management integration.
The following are the steps to configure certificate management integration:
Prepare a Python script that defines a
certificate_request()method. The method must accept the following input as a dictionary:CSR
Hostname for the Common Name field.
Parameters defined in the certificate management profile.
Create a certificate management profile that calls the script.
For more information, click here.
Prepare the Script
The script must use the def certificate_request command. For instance,
def certificate_request(csr, common_name, args_dict):
"""
Check if a token exists that can be used:
If not, authenticate against the service with the provided credentials.
Invoke the certificate request and get back a valid certificate.
Inputs:
@csr : Certificate signing request string. This is a multi-line string output like what
you get from openssl.
@common_name: Common name of the subject.
@args_dict: Dictionary of the key value pairs from the certificate management profile.
"""
The specific parameter values to be passed to the script are specified within the certificate management profile.
Sensitive Parameters
For parameters that are sensitive, for instance, passwords, the values can be hidden. Marking a parameter sensitive prevents its value from being displayed in the web interface or being passed by the API.
Dynamic Parameter
The value for a certificate management parameter can be assigned within the profile or within individual CSRs.
If the parameter value is assigned within the profile, the value applies to all CSRs generated using this profile.
To dynamically assign a parameter’s value, indicate that the parameter is dynamic within the certificate management profile. This leaves the parameter’s value unassigned. In this case, the dynamic parameter’s value is assigned when creating an individual CSR using the profile. The parameter value applies only to that CSR.
