Regenerate Certificate - With New CSR
Before you begin
Before attempting to trigger these service requests, ensure that:- The workflow is enabled.Note: For more information on how to enable a workflow, refer the section on Managing Certificates using Automation Workflows.
- The API user has the necessary RBAC permissions to trigger the workflow. You can check this in the Platform module under IDENTITY > Role > Authorized functions.
Request Structure
| Endpoint: | /visualworkflow-submit-request |
| Type: | POST |
| Sample URL: |
To understand the elements of the sample URL, click here. |
| Headers | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory, if username and password are not
provided) Session ID received after login. Type: String |
| username
|
(Mandatory if sessionId is not provided) AppViewX login
username. Type: String Constraint: Required if sessionId is not provided. |
| password
|
(Mandatory if sessionId is not provided) AppViewX login
password. Type: String Constraint: Required if sessionId is not provided. |
| gwsource
|
(Mandatory) Source from which the request is
triggered Type: String |
| Payload
|
Contains all the parameters to be sent in the request body for
the put request. Type: Payload |
Payload
| Name | Description |
|---|---|
| cert_category | (Mandatory) Specifies the certificate
category Type: String Possible Values: Server, Client |
| certificate_group | (Mandatory) Specifies the group to which the created
certificate must be tagged. Type: String |
| certificate_authority | (Mandatory) Name of the certificate authority that
will issue the certificate. Type: String |
| ca_account | CA account name of the certificate
Authority Type: String |
| division | (Mandatory only for DigiCert CA) Division values for
DigiCert Type: String |
| cert_type | (Mandatory only for DigiCert CA) Certificate type
for DigiCert and Entrust CAs Type: String |
| input_method | (Mandatory) Certificate creation
method Type: String Possible values: Manual, Policy Based, Upload CSR |
| upload_csr | (Mandatory if input_method = Upload CSR) CSR for the new certificate |
| common_name | (Mandatory) Common name of the
certificate Type: String |
| san | (Mandatory) Subject Alternative Name of the
certificate Type: String Possible values: DNS, IP Address |
| dns_names | (Mandatory) DNS values Type: String Example: www.appviewx.com Constraints: Multiple values must be separated by a comma (,). |
| ip_addresses | (Mandatory) IP values Type: String Example: 192.16x.xx.x Constraints: Multiple values must be separated by a comma (,). |
| directory_names | (Mandatory for EJBCA, Microsoft Enterprise CA, and
Microsoft Standalone CA) Directory names for the
certificate Type: String |
| rfc822names | (Mandatory for EJBCA, Microsoft Enterprise CA, and
Microsoft Standalone CA) Email address(es) of the user(s) to whom
the certificate is issued Type: String |
| uris | (Mandatory for EJBCA, Microsoft Enterprise CA, and
Microsoft Standalone CA) Uniform Resource Identifier for the
certificate Type: String |
| registered_ids | (Mandatory for Microsoft Enterprise CA and Microsoft
Standalone CA) Registered ID of the certificate Type: String |
| othernames | (Mandatory for Microsoft Enterprise CA and Microsoft
Standalone CA) Other names for the certificate Type: String |
| organization | (Mandatory for AppViewX CA, EJBCA, and Microsoft
Enterprise CA) Name of the organization requesting the
certificate Type: String |
| organization_unit | (Mandatory) Organization unit requesting the
certificate Type: String |
| locality | (Mandatory) Locality in which the organization is
located Type: String |
| state | (Optional) State in which the organization is
located Type: String |
| country | (Mandatory for AppViewx CA, EJBCA, Entrust CA,
Digicert CA, and Microsoft Enterprise CA) Country in which the
organization is located Type: String |
| mail_address | (Mandatory) Email address of the
organization Type: String |
| challenge_password | (Optional) Password to access the
certificate Type: String |
| validity_unit | (Optional) Unit of time for the certificate's
validity period Type: String Possible values: years, months, days |
| validity_value | (Mandatory if validityUnit has been
specified) Number of units of the time specified as the validity
unit Type: Integer |
| key_type | (Mandatory only if the input method is Manual or
Policy Based) Key type of the certificate Type: String Possible Values: RSA, DSA, EC |
| bit_length | (Mandatory only if the input method is Manual or
Policy Based) Bit length of the certificate Type: String Possible Values: 4096, 2048 |
| hash_function | (Optional) Hash function for the
certificate Type: String Possible Values: SHA256 |
| digicert_server_type | (Mandatory only for DigiCert CA) DigiCert server
type value Type: String |
| ejbca_end_entity_user_name | (Mandatory only for EJBCA) User name of the EJBCA
end entity Type: String |
| ejbca_end_entity_profile_name | (Mandatory only for EJBCA) Profile name of the EJBCA
end entity Type: String |
| ejbca_issuer_common_name | (Mandatory only for EJBCA) Common name of the EJBCA
issuer Type: String |
| ejbca_certificate_profile_name | (Mandatory only for EJBCA) Profile name associated
with the EJBCA certificate Type: String |
| entrust_additional_emails | (Mandatory only for Entrust CA) Additional email addresses |
| microsoft_enterprise_template_name | (Mandatory only for Microsoft Enterprise CA)
Template name for Microsoft Enterprise Type: String |
| user_email | (Optional) Email address for sending status
notificatiosn for certificate create and push Type: String |
| check_attribute | (Optional) Certificate attribute
values Type: String Possible values: true, false Constraints: The certificates_attributes field will be passed only if check_attribute = true. |
| cert_attributes | (Mandatory if check_attributes = true) Certificate attribute settings |
| Name | Description |
|---|---|
| attribute | (Optional) Certificate attribute name Type: String |
| attribute_value | (Optional) Corresponding certificate attribute
value Type: String |
Response Structure
| Name | Description |
|---|---|
| response | Contains the response params for the search object
request. Type: Response |
| message | Success message or failure description in case of
error. Type: String |
| appStatusCode | Application specific status code for the
response Will be non-null for failure response Type: String |
| tags | More information in case of a failure
response Type: NA |
| Name | Description |
|---|---|
| requestId | Unique identifier for the request Type: String |
| workflowVersion | Version of the workflow Type: String |
| message | The message with the status and request number for
the request Type: String |
| status | Status of the request Type: String |
| stausCode | Status code for the request Type: String |
| requestType | Request type Type: String |
| workorderId | The ID of the work order for the request If there is
no workorder, the value will be 0. Type: String |
Status Codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 200 OK | NA | Success Remediation: NA |
| 400 Bad Request | avx-common-028 | Invalid/ Incorrect payload Remediation: Check and ensure if a valid value is given in the request payload field - input. |
| 401 Unauthorized | WORKFLOW_1679 | User is not authorized. Remediation: Ensure that logged-in user is authorized to access the workflow. |
| 404 Not Found | engine-db-015 | Workflow not found. Remediation: Ensure the workflow data is valid. |
| 409 Conflict | WORKFLOW_1475 | Given workflow is not in enabled
state. Remediation: Enable the workflow. |
| 500 Internal Server Error | WORKFLOW_1617 | Invalid form data. Please provide all mandatory
data Remediation: Ensure a valid value is given in the request payload field - input. |
| 500 Internal Server Error | NA | Error while processing Remediation: NA |
Sample Request/Response
{
{
"payload": {
"header": {
"workflowName": "Regenerate Certificate - With New CSR"
},
"data": {
"input": {
"requestData": [
{
"sequenceNo": 1,
"scenario": "scenario",
"fieldInfo": {
"info": "",
"cert_category": "Server,Client",
"certificate_group": "<mandatory field>",
"certificate_authority": "Ejbca,Microsoft Enterprise,DigiCert,Entrust",
"ca_account": "<mandatory field>",
"division": "",
"cert_type": "",
"serial_number": "<mandatory field>",
"input_method": "Manual,Upload CSR",
"cert_profile": "",
"upload_csr": "<mandatory field>",
"fetch_csr_params": "",
"common_name": "<mandatory field>",
"csr_common_name": "",
"san": "DNS,Directory Name,Email,IP Address,Registered ID,URL,Other Name",
"csr_san": "DNS,Directory Name,IP Address,Registered ,ID,URL,Other Name,Email",
"csr_dns": "",
"dNSNames": "",
"directoryNames": "",
"iPAddresses": "",
"registeredIDs": "",
"otherNames": "",
"uniformResourceIdentifiers": "",
"rfc822names": "",
"organization": "",
"csr_iPAddresses": "",
"csr_uniformResourceIdentifiers": "",
"csr_directoryNames": "",
"csr_registeredIDs": "",
"csr_otherNames": "",
"csr_rfc822names": "",
"csr_organization": "",
"organization_unit": "",
"csr_organization_unit": "",
"locality": "",
"csr_locality": "",
"state": "",
"csr_state": "",
"country": "",
"csr_email_address": "",
"mail_address": "",
"challenge_password": "",
"csr_challenge_password": "",
"csr_country": "",
"digicert_postal_code": "",
"validity_unit": "<mandatory field>",
"validity_value": "<mandatory field>",
"csr_key_type": "EC",
"key_type": "EC",
"bit_length": "<mandatory field>",
"csr_bit_length": "",
"hash_function": "<mandatory field>",
"csr_hash_function": "",
"attributes_available": "true",
"cert_attributes": [
{
"attributes": "",
"attribute_value": ""
}
],
"ejbca_End_Entity_Profile_Name": "<mandatory field>",
"ejbca_End_Entity_User_Name": "",
"ejbca_Issuer_Common_Name": "<mandatory field>",
"ejbca_Certificate_Profile_Name": "<mandatory field>",
"digicert_server_type": "<mandatory field>",
"microsoft_enterprise_template_name": "<mandatory field>",
"entrust_additional_emails": "",
"user_email": "(~get_logged_user_email_id~)"
}
}
]
},
"globalData": {},
"task_action": 1
}
}
}{
{
"response": {
"workorderId": "0",
"requestType": "default",
"requestId": "867",
"workflowVersion": "master",
"message": "Workflow Request is created with Id 897 . Request submitted to workflow engine for processing workorder.",
"status": "In Progress",
"statusCode": 0
},
"message": "Success",
"appStatusCode": null,
"tags": null,
"headers": null
}References
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.