Sectigo.com
Shop Enterprise Partners Resources

Using the connector

This page describes how to use Jira to enroll, renew, and revoke certificates. Since the certificate lifecycle stages are being run within Jira, they use Jira terminology: projects, issue types, and workflows. To enroll a certificate, you must create an issue.

Create a certificate

  1. In Jira, in the top menu bar, click Create .

    create certificate

  2. In the Create Issue dialog, complete the fields based on information in the following table.

    Field Description

    Project

    Select a project. The default is Certificate Management (CERT).

    Issue Type

    Select Certificate.

    Reporter

    Select the name of the person responsible. The default is your name.

    Summary

    A temporary title or description of the issue. It will be rewritten when the certificate is enrolled.

    Certificate profile

    Select the profile.

    Certificate CSR text

    Paste CSR text here.

    To generate a CSR with the openssl CLI tool:

    openssl req -out "domain.name.csr" -new -newkey rsa:2048 -nodes -keyout "domain.name.key" -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=domain.name"

  3. Click Create.

    A message that CERT-<number>- <Summary> has been created is displayed.

    The certificate is now listed under the Issues menu.

Enroll a certificate

  1. In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.

  2. Click Certificate Request, and select Enroll Certificate.

    A message CERT-<number> has been updated is displayed.

    The Summary changes to Certificate enrolled:<domain name>.

    The certificate now has an ID number.

    Certificate Request changes to Certificate Enrolled.

    The certificate .pem file is attached.

    The comments are updated to indicate the certificate has been requested, enrolled, and attached.

You can confirm the existence and status of the certificate on SCM > Certificates.

Download a certificate

  1. In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.

  2. Scroll down to the attached certificate .pem file.

    download certificate

  3. Right-click the link and select Save Link As…​

  4. Save the certficate on your server or local machine.

Renew a certificate

A certificate may be renewed multiple times.

  1. In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.

  2. Click Certificate Enrolled (or Certificate Renewed if it has been renewed before), and select Renew Certificate.

    A message CERT-<number> has been updated is displayed.

    The certificate ID number is changed.

    A new certificate is attached.

    The comments are updated to indicate the certificate has been renewed.

    Certificate Enrolled is changed to Certificate Renewed.

If you receive the message The certificate’s profile does not allow renewal outside of the configured expiry window, go to Sectigo Profile Settings and change the expiry window.

About Auto-renewal of certificates

Auto-renewal can be turned on or off in Sectigo Profile Settings.

  • Every 24 hours, the system scans for certificates within the expiry window or already expired, it then automatically initiates a transition to the Certificate Renew status.

  • The scan also checks for any certificates with Force Renewal selected in the Profile Settings and renews them as well.

  • After the renewal is successful, the certificate issue is updated with the new expiration date, and the issue’s status is adjusted accordingly.

Revoke a certificate

The process for revoking a certificate varies depending on whether the certificate was originally enrolled through Jira or not.

  • Certificate orginally enrolled through Jira

  • Certificate not enrolled through Jira

  1. In Jira, search for the specific issue number of the certificate (for example, CERT-45), or find it listed under Issues.

  2. Click Open, and select Revoke Certificate.

  3. Complete the Revoke Certificate dialog.

  4. Click Revoke Certificate.

    A message CERT-<number> has been updated is displayed.

    The comments are updated to indicate the certificate has been revoked.

  1. If you don’t already know the certificate ID or domain, go to SCM > Certificates and find them.

  2. In Jira, in the top menu bar, click Create.

  3. In the Create Issue dialog, complete the fields based on information in the following table.

    Field Description

    Project

    Select a project. The default is Certificate Management (CERT).

    Issue Type

    Select Revoke Certificate.

    Reporter

    Select the name of the person responsible. The default is your name.

    Summary

    A title or description of the issue (for example, "revoke SSL certificate")

    Certificate profile

    Select the profile.

    Certificate ID

    The certificate ID.

    Certificate domain

    The certificate domain.

  4. Click Create.

    A message that CERT-<number>- <Summary> has been revoked is displayed.