Integration parameters
The integration provides various parameters that you can use in different scenarios.
Customer-specific parameters
The following table lists parameters that are required for establishing a connection with SCM.
Parameter | Type | Description |
---|---|---|
|
Mandatory |
User ID to access your URI |
|
Mandatory |
Password to access your URI |
|
Mandatory |
Your specific Sectigo URI |
|
Mandatory |
The base URL of the Sectigo CA |
CSR parameters
The following table lists parameters that are required for generation of the certificate signing request (CSR).
Parameter | Type | Description |
---|---|---|
|
Conditional |
A single value for a domain included in the certificate Common Name (CN) field. Required if |
|
Conditional |
The country name included in the certificate Country (C) field. Required if |
|
Conditional |
The state or province name included in the certificate State (ST) field. Required if |
|
Conditional |
The location name included in the certificate Location (L) field. Required if |
|
Conditional |
The organization name included in the certificate Organization (O) field. Required if |
|
Conditional |
The organization unit included in the certificate Organization Unit (OU) field. Required if |
|
Conditional |
The email address included in the certificate emailAddress field. Required if |
|
Conditional |
The full path to the CSR file. If provided, then the subject parameters are ignored. |
|
Optional |
The private key algorithm to use to generate the private key.
The default value is |
|
Optional |
The size of the TLS/SSL key to generate. The possible values are:
|
Certificate issuance parameters
The following table lists parameters that are used for certificate issuance.
Parameter | Type | Description |
---|---|---|
SSL certificates |
||
|
Mandatory |
Your organization ID (numeric) |
|
Mandatory (with default) |
The location where the certificate is to be stored.
The same location is used to store CSR, private key, and enrollment IDs.
The default file path is the one where the command is executed.
For the |
|
Mandatory (with default) |
The name of the certificate file.
The same name is used for the CSR, private key, and enrollment IDs.
the default file name is |
|
Optional |
A comma-separated list of emails |
|
Optional |
Comments for certificate enrollment |
|
Conditional |
The number of server licenses (numeric) |
|
Optional |
The server type ID (numeric) |
|
Optional |
A comma-separated list of subject alternative names (SAN) |
|
Optional |
Custom fields to be applied to the requested certificate.
The expected format for custom fields is the following: |
|
Optional |
The format type for the SSL certificate. The supported values are:
|
|
Mandatory |
The certificate validity period in days (numeric).
The values available are dependent on the selected |
|
Mandatory |
The type of SSL certificate (numeric). This is the ID of the SSL certificate type. |
Client certificates |
||
|
Mandatory |
Your organization ID (numeric) |
|
Mandatory (with default) |
The location where the certificate is to be stored.
The same location is used to store CSR, private key, and enrollment IDs.
The default file path is from where the command is executed.
For the |
|
Mandatory (with default) |
The name of the certificate file.
The same name is used for the CSR, private key, and enrollment IDs.
The default filename is |
|
Mandatory |
The type of client certificate (numeric). This is the ID of the client certificate type. |
|
Mandatory |
The certificate validity period in days (numeric).
The values available are dependent on the |
|
Mandatory |
A valid user email that is less than 256 characters |
|
Mandatory |
The user’s first name |
|
Conditional |
The user’s middle name |
|
Mandatory |
The user’s last name. The combined length of the first, middle, and last name fields cannot exceed 64 characters. |
|
Optional |
Custom fields to be applied to the requested certificate.
The expected format for custom fields is the following: |
|
Optional |
A comma-separated list of subject alternative names (SAN) |
|
Optional |
If |
Certificate auto-renewal |
||
|
Optional |
The period of days prior to expiration that a new certificate enrollment process will be initiated (numeric) if a |
|
Optional |
If set to |
Collect certificate |
||
|
Optional |
The interval (in seconds) between repeated attempts to collect a certificate (numeric).
The default value is |
|
Optional |
The maximum time (in seconds) during which repeated attempts to collect a certificate will be made (numeric).
The default value is |
In addition to the parameters listed in the preceding table, you are required to pass CSR parameters.
Certificate collection parameters
The following table lists parameters that are used for collecting a certificate. The collection operation may fail if the certificate is still being processed. In such cases, the operation attempts to collect the certificate several times before returning a failure. The parameters allow you to configure the frequency and maximum time for additional attempts during certificate collection.
Parameter | Type | Description |
---|---|---|
SSL certificates |
||
|
Mandatory (with default) |
The format type for the SSL certificate. The supported values are:
|
|
Optional |
The interval (in seconds) between repeated attempts to collect a certificate.
The default value is |
|
Optional |
The maximum time (in seconds) during which repeated attempts to collect a certificate will be made.
The default value is |
|
Conditional |
The SSL ID of the certificate to be collected.
Mandatory if the selected recipe is |
|
Optional |
The location where the certificate is to be stored.
The same location is used to store CSR, private key, and enrollment IDs.
The default file path is the one where the command is executed.
For the |
|
Optional |
The name of the certificate file.
The same name is used for the CSR, private key, and enrollment IDs.
The default file name is |
Client certificates |
||
|
Optional |
The interval (in seconds) between repeated attempts to collect a certificate.
The default value is |
|
Optional |
The maximum time (in seconds) during which repeated attempts to collect a certificate will be made.
The default value is |
|
Optional |
The order number of the certificate to be collected |
|
Optional |
The location where the certificate is to be stored.
The same location is used to store CSR, private key, and enrollment IDs.
The default file path is the one where the command is executed.
For the |
|
Conditional |
The order number of the certificate to be collected.
Mandatory if the selected recipe is |
Certificate replacement parameters
The following table lists parameters that are used for replacing a certificate.
Parameter | Type | Description |
---|---|---|
SSL certificates |
||
|
Mandatory |
Reason for replacing the certificate |
|
Mandatory |
Single value for a domain included in the certificate Common Name (CN) field |
|
Mandatory (with default) |
If |
Client certificates |
||
|
Mandatory |
Reason for replacing the certificate |
|
Mandatory (with default) |
If |
|
Mandatory (with default) |
If |
In addition to the parameters listed in the preceding table, you are required to pass CSR parameters that are listed in CSR parameters, as per your replacement requirement. For more information, see [Replacing certificates].
Certificate revocation parameters
The following table lists parameters that are used for manually revoking a certificate.
Parameter | Type | Description |
---|---|---|
SSL certificates |
||
|
Mandatory |
The reason why a certificate is to be revoked |
|
Mandatory |
The name of the certificate file. The same name is used for the CSR, private key, and enrollment IDs. |
|
Mandatory |
The location where the certificate is to be stored. The same location is used to store CSR, private key, and enrollment IDs. |
Client certificates |
||
|
Mandatory |
The reason why a certificate is to be revoked |
|
Mandatory |
The name of the certificate file. The same name is used for the CSR, private key, and enrollment IDs. |
|
Mandatory |
The location where the certificate is to be stored. The same location is used to store CSR, private key, and enrollment IDs. |
Miscellaneous parameters
The following table lists parameters that are used for renewing a certificate.
Parameter | Type | Description |
---|---|---|
|
Optional |
Issues a new certificate even if there is already a certificate on the target server.
The default value is |
|
Mandatory |
Indicates the type of the certificate.
Should be set to |