Approve-Request function
The Approve-Request function is called at processing stage 600 and is used to automate the approval of a certificate request that was made by Submit-CsrAsNew, Submit-CsrAsRenewal, or Submit-CsrAsReplacement.
You do not need to implement logic for this function for those CAs that can be configured to automatically issue certificates that are submitted by specific credentials or by specific methods (API).
|
Variable Name |
Data Type |
Description |
|---|---|---|
|
SubjAltNames |
Hashtable |
Hash table keyed by SAN type; values are string arrays. |
|
SubjectDN |
Hashtable |
The requested subject distinguished name (DN) as a hash table; OU is a string array; all others are strings. |
|
TransId |
String |
Text used by the CA to uniquely identify the certificate request submitted previously. |
|
Variable Name |
Data Type |
Description |
|---|---|---|
|
AuxPass |
String |
The password portion of the Secondary Credential when a user name or a password credential is assigned, or the PKCS#12 password when a certificate credential is assigned |
|
AuxPfxData |
Byte Array |
A PKCS#12 byte array that contains a client certificate and private key when a certificate credential is assigned as the Secondary Credential |
|
AuxUser |
String |
The user name portion of the Secondary Credential when a user name credential is assigned |
|
CertObjDN |
String |
Venafi distinguished name (DN) of the certificate object in the policy tree |
|
CustomFields |
Hashtable |
Hash table keys are Custom Field labels and the values are strings (single-valued) or string arrays (multi-valued). |
|
OAuthAccessToken |
String |
OAuth token passed to the PowerShell script. Tokens are passed only after you've provided the required information in the WebSDK OAuth Token Configuration settings of the Adaptable object. See Configuring the Adaptable CA object. How it worksWhen used, each time your script is called, Trust Protection Platform requests a new token automatically. Each new token is associated with both the specified user and with the referenced application ID. After the script finishes running, Trust Protection Platform revokes the token automatically. To get started, see Adaptable CA prerequisites. |
|
PfxData |
Byte Array |
PKCS#12 keystore containing client certificate and private key for authenticating with the CA; this and the PfxPass are used together to instantiate an X509Certificate2 object for client certificate authentication. |
|
PfxPass |
SecureString |
Password for access to the private key of the PfxData PKCS#12 |
|
UserName |
String |
User name for authenticating with the CA |
|
UserPass |
String |
Password for authenticating with the CA |
|
WebSdkUrl |
String |
String representing the fully-qualified domain name to the WebSDK of your Trust Protection Platform server. For information on where this variable data is set, see Trust Protection Platform server configuration. |
|
Return |
Data Type |
Description |
|---|---|---|
|
Result |
String |
Shows "Success" or "NotUsed" to indicate the non-error completion state. |
|
TransId |
String |
Text used by the CA to uniquely identify the certificate request submitted previously. |
For information about processing stages, see About certificate lifecycle management.