Managing SSL certificate requests

Approve an SSL certificate request

Navigate to Certificates SSL Certificates.
Select the certificate request you want to approve, and click Approve.
In the Approval Message dialog, provide a message outlining any relevant details about your decision.
Click Approve.

Decline an SSL certificate request

Navigate to Certificates SSL Certificates.
Select the certificate request you want to decline, and click Decline.
In the Decline Message dialog, provide a message outlining any relevant details about your decision.
Click Decline.

Edit an SSL certificate request

The tabs and fields available in the Edit SSL Certificate dialog vary based on the certificate profile and enrollment method used for certificate issuance.

Navigate to Certificates SSL Certificates.
Select the certificate request you want to edit, and click Edit.

Complete the Details tab fields based on the information provided in the following table.

Field	Description
Organization	The organization to which the certificate belongs.
Department	The department to which the certificate belongs.
Certificate Profile	The certificate profile to be used for certificate issuance.
Certificate Term	The validity period of the certificate. The available terms are dependent on the certificate profile.
Comments	Comments or notes about the certificate.
External Requesters	The email address of any external requester(s).

Field

Description

Organization

The organization to which the certificate belongs.

Department

The department to which the certificate belongs.

Certificate Profile

The certificate profile to be used for certificate issuance.

Certificate Term

The validity period of the certificate. The available terms are dependent on the certificate profile.

Comments

Comments or notes about the certificate.

External Requesters

The email address of any external requester(s).

Depending on your configuration, additional custom fields may be available.

Click Next.
If prompted, on the CSR tab, paste or upload your CSR, and click Next.

Complete the Private Key tab based on the information provided in the following table.

Field	Description
Azure Account	The name of the SCM Azure account configured for the Azure Key Vault.
Resource Group	The name of the resource group in Azure containing the appropriate Azure Key Vault.
Key Vault	The name of the Azure Key Vault in which the CSR should be generated.
Key Type	The key size or curve to be used for encrypting the private key.
Set Passphrase for Private Key download	When enabled, you can set the password required to download the private key for the issued certificate. Otherwise, a password must be created each time the private key is downloaded.
Reuse Key	Indicates whether the existing private key should be reused when renewing the certificate. If this policy is changed in Azure, the Azure policy will take precedence during certificate renewal or replacement. Once the certificate is issued, this setting cannot be changed.
Exportable Key	Indicates whether the private key can be exported from the Azure Key Vault. If this policy is changed in Azure, the Azure policy will take precedence during certificate renewal or replacement. Once the certificate is issued, this setting cannot be changed.
Store Key in HSM	Indicates whether the key will be stored in an HSM. Once the certificate is issued, this setting cannot be changed.

Field

Description

Azure Account

The name of the SCM Azure account configured for the Azure Key Vault.

Resource Group

The name of the resource group in Azure containing the appropriate Azure Key Vault.

Key Vault

The name of the Azure Key Vault in which the CSR should be generated.

Key Type

The key size or curve to be used for encrypting the private key.

Set Passphrase for Private Key download

When enabled, you can set the password required to download the private key for the issued certificate. Otherwise, a password must be created each time the private key is downloaded.

Reuse Key

Indicates whether the existing private key should be reused when renewing the certificate. If this policy is changed in Azure, the Azure policy will take precedence during certificate renewal or replacement.

Once the certificate is issued, this setting cannot be changed.

Exportable Key

Indicates whether the private key can be exported from the Azure Key Vault. If this policy is changed in Azure, the Azure policy will take precedence during certificate renewal or replacement.

Once the certificate is issued, this setting cannot be changed.

Store Key in HSM

Indicates whether the key will be stored in an HSM.

Once the certificate is issued, this setting cannot be changed.

Click Next.

Complete the Domains tab based on the information provided in the following table.

Field	Description
Common Name	The domain name for which the certificate is being issued.
Subject Alternative Names	Additional names or attributes that identify the entity associated with the certificate. This can include alternative domain names, email addresses, IP addresses, or other identifiers relevant to SSL certificates.

Field

Description

Common Name

The domain name for which the certificate is being issued.

Subject Alternative Names

Additional names or attributes that identify the entity associated with the certificate. This can include alternative domain names, email addresses, IP addresses, or other identifiers relevant to SSL certificates.

Click Next.
If prompted, on the EV details tab, review the EV details, and click Next.

EV details for the organization can be updated on the Organizations page. For more information, see Update EV details.
If prompted, on the Nodes & Ports tab, click the Add icon, and select the node(s) to which the certificate will be installed.

Nodes and ports can be updated on the Network Agents page. For information on configuring nodes and ports, see Configuring network agents.
Click Next.

If prompted, complete the Auto-installation tab based on the information provided in the following table.

Field	Description
Triggered	When selected, certificate auto-installation is manually initiated through SCM.
Scheduled	When selected, certificate auto-installation is scheduled to occur at a specified time.

Field

Description

Triggered

When selected, certificate auto-installation is manually initiated through SCM.

Scheduled

When selected, certificate auto-installation is scheduled to occur at a specified time.

Click Next.

Complete the Auto-Renewal tab based on the information provided in the following table.

Field	Description
Enable Auto-Renewal	When enabled, the certificate will be automatically renewed before expiration.
Create new key pair while renewing	When enabled, a new key pair will be created when renewing the certificate instead of reusing the existing key pair.
Renewal Period	The number of days before the certificate expires that the certificate should be renewed.

Field

Description

Enable Auto-Renewal

When enabled, the certificate will be automatically renewed before expiration.

Create new key pair while renewing

When enabled, a new key pair will be created when renewing the certificate instead of reusing the existing key pair.

Renewal Period

The number of days before the certificate expires that the certificate should be renewed.

Click Next/OK.
If prompted, read the EULAs, select I Agree for each, and click OK.