To configure certificate management integration, follow the below:

  1. Prepare a Python script that defines a certificate_request() method. The method must accept the following input as a dictionary:

    1. CSR

    2. Hostname for the Common Name field

    3. Parameters defined in the certificate management profile

  2. Create a certificate management profile that calls the script.

For more information, click here.

Prepare the Script

The script must use the def certificate_request command. The following example could be adapted:

def certificate_request(csr, common_name, args_dict): 
""" 
Check if a token exists that can be used:
If not, authenticate against the service with the provided credentials. Invoke the certificate request and get back a valid certificate.
Inputs: 
@csr : Certificate signing request string. This is a multi-line string output like what you get from openssl.
@common_name: Common name of the subject.
@args_dict: Dictionary of the key value pairs from the certificate management profile.
"""

The specific parameter values to be passed to the script are specified within the certificate management profile.

Sensitive Parameters Are Hidden

For parameters that are sensitive (for example, passwords), the values can be hidden. Marking a parameter sensitive prevents its value from being displayed in the web interface or being passed by the API.

Dynamic Parameter Values Are Assigned During CSR Creation

The value for a certificate management parameter can be assigned within the profile or within individual CSRs.

  • If the parameter value is assigned within the profile, the value applies to all CSRs generated using this profile.

  • To dynamically assign a parameter’s value, indicate within the certificate management profile that the parameter is dynamic. This leaves the parameter’s value unassigned. In this case, the dynamic parameter’s value instead is assigned when creating an individual CSR using the profile. The parameter value apples only to that CSR.