Enterprise PKI Manager Patch: October 25, 2022
Enhancements
Action needed state for profiles
Automation profiles will detect changes in Public or Private CA configurations and put the profile in an “action needed” state so no automation operations can be done using the profile. Some examples of CA changes are:
Product disabled
ICA no longer available
Validation options no longer available
Organization or Domain issues
Ability to reject an already approved enrollment
For profiles configured with the Manual Approval authentication method, this enhancement allows an already approved enrollment to be rejected before it is redeemed by an end-user.
Suspension message
Updated the message displayed on the modal pop-up when suspending a certificate to be more friendly and accurate: "Note: the suspended cert will be revoked and added to the appropriate CRL with a revocation reason code of 'certificateHold’ until resumed, or the certificate expires".
Swagger API update
Updated the profile
response in the Swagger API documentation to include additional information inside the key_escrow_policy
object. Here is an example of possible values:
{ ... "key_escrow_policy": { "key_escrow_enabled": true, "key_escrow_deployment_mode": "CLOUD", "dual_admin_recovery": true }, ... }
Also added a new boolean field called enable_dual_admin_approval
representing whether dual administrator approvals are required before manually approving a certificate request.