Skip to main content

Enterprise PKI Manager Patch: October 25, 2022

Enhancements

Action needed state for profiles

Automation profiles will detect changes in Public or Private CA configurations and put the profile in an “action needed” state so no automation operations can be done using the profile. Some examples of CA changes are:

  • Product disabled

  • ICA no longer available

  • Validation options no longer available

  • Organization or Domain issues

Ability to reject an already approved enrollment

For profiles configured with the Manual Approval authentication method, this enhancement allows an already approved enrollment to be rejected before it is redeemed by an end-user.

Suspension message

Updated the message displayed on the modal pop-up when suspending a certificate to be more friendly and accurate: "Note: the suspended cert will be revoked and added to the appropriate CRL with a revocation reason code of 'certificateHold’ until resumed, or the certificate expires".

Swagger API update

Updated the profile response in the Swagger API documentation to include additional information inside the key_escrow_policy object. Here is an example of possible values:

{
  ...
  "key_escrow_policy": {
    "key_escrow_enabled": true,
    "key_escrow_deployment_mode": "CLOUD",
    "dual_admin_recovery": true
  },    
  ...
}

Also added a new boolean field called enable_dual_admin_approval representing whether dual administrator approvals are required before manually approving a certificate request.