Symantec CA

Prerequisites

The prerequisites for configuring a Symantec account in AppViewX are as follows:
  • A Symantec client certificate for a user having the necessary access for enrolling the certificates and other Certificate Lifecycle Management(CLM) operations.
  • AppViewX server should either have internet access or have a proxy configured in AppViewX general settings. Check Proxy Setup for the steps to configure proxy. https://adminguide.appviewx.com/proxy-4
  • Symantec users should be associated with the role “w=VICE2 web services application”.
  • Required organization status should be “valid”.
  • If the EV certificate type is enabled, then the EV status of the organization should be “Yes”.
  • The required domain should be registered with the organization.
  • The required certificate types should be enabled with the required values in the portal.
  • Unit values should be available for the required certificate type.

Configuring Symantec CA

  1. Go to (Menu) > SIGN+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, select Symantec.
    The Symantec home page is displayed.
  3. Click the Configure Now button or +Add icon from the middle or top-right of the page respectively.
    The Symantec configuration page is displayed.
  4. Update the following details in the General Information section as described in the table.
    Table 1. General Information - Field Description Table
    Fields Description
    *CA Account name A unique name to identify the CA setting.
    Note: No special characters other than ‘.’, ‘-’,’_’ are allowed. The name must not start with special characters.
    *Purpose/Usage Certificate Type for which CLM actions will be enabled. For example, Server and Client.
    Proxy Required Enable this field if the CA communication needs to happen via Proxy. The proxy details configured in general settings will be used for communication.
    Data Center (AppViewX's CA agent) Select the data center through which the CA communication needs to happen.
    *: Mandatory fields
  5. Update the following details in the CA Configuration section as described in the table. These fields are necessary for invoking the Symantec CA APIs for Certificate Management.
    Table 2. CA Configuration - Field Description Table
    Fields Description
    *Certificate and Key Client authentication certificate for API communication.
    Note: Must be a valid <.p12> or <.pfx> file.
    *URL Symantec URL used for API communications. For example, https://certmanager-webservices.websecurity.symantec.com/vswebservices/
    *Jurisdiction hash Jurisdiction hash of the Symantec account. Available in the top right corner of the Symantec portal.
    *First name First name of the user.
    *Last name Last name of the user.
    *: Mandatory fields
  6. Click Save.

Validating Symantec

Once the Symantec settings are added validation needs to be done to check whether the connection between AppViewX and Symantec is properly configured.
  1. Go to (Menu) > SIGN+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, select Symantec.
    The Symantec home page is displayed.
  3. In the Status column of the grid with the listed accounts, click Check to validate the CA setting that has been created.
    The CA communication will be validated and the Connection Status will be shown as either Success or Failure.
    Success Scenario
    Failed Scenario