Certificates/Request Applications parameters for provisioning

POST Certificates/Request uses Applications to allow vendor libraries, like GSK, to provision and manage keys and certificates on devices. The following diagram shows a generic Certificates/Request for provisioning. Each Devices element has Applications with zero or more Application objects. Each object provides data for a vendor library, like GSK, to use in provisioning and managing keys and certificate stores on devices. Application objects can use the same certificate. If more than one device uses the same certificate, Trust Protection Platform centrally manages the certificate. For more information, see Example 4: Provisioning.

Certificates/Request Response summary

Parameters

As part of POST Certificates/Request, the following Applications parameters are available.

Input parameters

Name

Description

Applications

(Optional)

Approvers: An array of one or more users or groups who are certificate approvers. Approvers have an Active Directory (AD), Light Directory Access Protocol (LDAP), or local identity. To get this information, use response data from POST Identity/Browse. The parameters are:

  • Prefix: AD+Friendly Name, LDAP+Friendly Name, or local. For example, AD+JHTEST.

  • Universal: The universal ID of the user or group identity.

Class: (Optional) The class name for the Trust Protection Platform application driver. Corresponds with the DriverName.

TIP  A value that matches a supported provisioning Application. If the Application is not listed, specify Basic.

Application Objects
Application Object class names
Parameter Parameter
  • Adaptable App
  • Amazon AWS
  • Apache
  • Azure Key Vault
  • Basic
  • BlueCoat SSLVA
  • CAPI
  • Certificate
  • ConnectDirect
  • DataPower
  • F5 LTM Advanced
  • GSK
  • IIS6
  • Imperva MX
  • iPlanet
  • JKS
  • Citrix NetScaler
  • Palo Alto Network FW
  • PEM
  • PKCS#12
  • Riverbed SteelHead
  • Tealeaf PCA

ClassSpecificAttributes: (Optional) One or more Application object attributes that describe how to provision the certificate. Use Name and Value pairs. For help with Certificate parameters, see X509 Certificate CA Specific Attributes. For all parameter names, see the corresponding topic in the Web SDK Object class reference.

Contacts: (Optional)An array of one or more users or groups who receive event notifications. The events notify people about certificate expiration and validation failures: Contacts have an AD, LDAP, or local identity. To get this information, use response data from POST Identity/Browse. The parameters are:

  • Prefix: AD+Friendly Name, LDAP+Friendly Name, or local. For example, AD+JHTEST.

  • Universal: The universal ID of the user or group identity.

Description: (Optional) The description for this software application.

DriverName:The driver name. Corresponds with the Class:

TIP  A value that matches a supported provisioning Application. If the Application is not listed, appbasic.

Driver Names
Parameter Parameter
  • Adaptable App: appadaptable
  • Amazon App: appamazon
  • Apache: appapache
  • Azure keyvault: appazurekeyvault
  • Basic: appbasic
  • Blue Coat SSLVA: appbluecoat
  • CAPI: appcapi
  • ConnectDirect: appconnectdirect
  • DataPower: appdatapower
  • F5 LTM Advanced: appf5ltmadvanced
  • GSK: appgsk
  • IIS6: appiis6
  • Imperva MX: appimpervamx
  • iPlanet: appiplanet
  • JKS: appjsk
  • Citrix NetScaler: appnetscaler
  • Palo Alto Network FW: apppaloalto
  • PEM: apppem
  • PKCS#12: apppkcs12
  • Riverbed SteelHead: appriverbedsteelhead
  • Tealeaf PCA: apptealeafpca

ObjectName: (Optional) A name for the Application object.

Validationhost: (Optional) The IP or domain name of the host that provides a certificate for this software application.

ValidationPort: (Optional) The port number for the host that provides a certificate for this software application.