Using the connector

This page describes how to use Jira to enroll, renew, and revoke certificates. Since the certificate lifecycle stages are being run within Jira, they use Jira terminology: projects, issue types, and workflows. To enroll a certificate, you must create an issue.

Create a certificate

In Jira, in the top menu bar, click Create .

In the Create Issue dialog, complete the fields based on information in the following table.

Field Description

Field	Description
`Project`	Select a project. The default is Certificate Management (CERT).
`Issue Type`	Select Certificate.
`Reporter`	Select the name of the person responsible. The default is your name.
`Summary`	A temporary title or description of the issue. It will be rewritten when the certificate is enrolled.
`Certificate profile`	Select the profile.
`Certificate CSR text`	Paste CSR text here.

Project

Select a project. The default is Certificate Management (CERT).

Issue Type

Select Certificate.

Reporter

Select the name of the person responsible. The default is your name.

Summary

A temporary title or description of the issue. It will be rewritten when the certificate is enrolled.

Certificate profile

Select the profile.

Certificate CSR text

Paste CSR text here.

To generate a CSR with the openssl CLI tool:

openssl req -out "domain.name.csr" -new -newkey rsa:2048 -nodes -keyout "domain.name.key" -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=domain.name"

Click Create.

A message that CERT-<number>- <Summary> has been created is displayed.

The certificate is now listed under the Issues menu.

Enroll a certificate

In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.
Click Certificate Request, and select Enroll Certificate.

A message CERT-<number> has been updated is displayed.

The Summary changes to Certificate enrolled:<domain name>.

The certificate now has an ID number.

Certificate Request changes to Certificate Enrolled.

The certificate .pem file is attached.

The comments are updated to indicate the certificate has been requested, enrolled, and attached.

You can confirm the existence and status of the certificate on SCM > Certificates.

Download a certificate

In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.
Scroll down to the attached certificate .pem file.
Right-click the link and select Save Link As…
Save the certficate on your server or local machine.

Renew a certificate

A certificate may be renewed multiple times.

In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.
Click Certificate Enrolled (or Certificate Renewed if it has been renewed before), and select Renew Certificate.

A message CERT-<number> has been updated is displayed.

The certificate ID number is changed.

A new certificate is attached.

The comments are updated to indicate the certificate has been renewed.

Certificate Enrolled is changed to Certificate Renewed.

If you receive the message The certificate’s profile does not allow renewal outside of the configured expiry window, go to Sectigo Profile Settings and change the expiry window.

About Auto-renewal of certificates

Auto-renewal can be turned on or off in Sectigo Profile Settings.

Every 24 hours, the system scans for certificates within the expiry window or already expired, it then automatically initiates a transition to the Certificate Renew status.
The scan also checks for any certificates with Force Renewal selected in the Profile Settings and renews them as well.
After the renewal is successful, the certificate issue is updated with the new expiration date, and the issue’s status is changed to Certificate Renewed.
The renewed certificate is attached to the ticket.

Revoke a certificate

The process for revoking a certificate varies depending on whether the certificate was originally enrolled through Jira or not.

Certificate orginally enrolled through Jira
Certificate not enrolled through Jira

In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.
Click Open, and select Revoke Certificate.
Complete the Revoke Certificate dialog.
Click Revoke Certificate.

A message CERT-<number> has been updated is displayed.

The comments are updated to indicate the certificate has been revoked.

If you don’t already know the certificate ID or domain, go to SCM > Certificates and find them.
In Jira, in the top menu bar, click Create.

In the Create Issue dialog, complete the fields based on information in the following table.

Field Description

Field	Description
`Project`	Select a project. The default is Certificate Management (CERT).
`Issue Type`	Select Revoke Certificate.
`Reporter`	Select the name of the person responsible. The default is your name.
`Summary`	A title or description of the issue (for example, "revoke SSL certificate")
`Certificate profile`	Select the profile.
`Certificate ID`	The certificate ID.
`Certificate domain`	The certificate domain.

Project

Select a project. The default is Certificate Management (CERT).

Issue Type

Select Revoke Certificate.

Reporter

Select the name of the person responsible. The default is your name.

Summary

A title or description of the issue (for example, "revoke SSL certificate")

Certificate profile

Select the profile.

Certificate ID

The certificate ID.

Certificate domain

The certificate domain.

Click Create.

A message that CERT-<number>- <Summary> has been revoked is displayed.