About clearing certificate workflow errors

If there is an error at some stage of the certificate lifecycle and you manually resolve the problem—for example, if there is an error accessing a CA, so you manually submit the CSR— Trust Protection Platform does not know the problem has been resolved. Therefore, the workflow error remains and Trust Protection Platform cannot complete the certificate processing.

Trust Protection Platform TLS Protect provides three ways to clear certificate workflow errors:

  • The Restart option clears all errors and stages on the certificate and its associated applications, then restarts processing from the beginning.

    This option is provided for circumstances in which the certificate or application was configured incorrectly. This option allows the administrator to restart the certificate processing so the correct information can be used. For example, if an administrator misspelled the certificate’s common name, he or she could correct the spelling error, then restart the renewal process so the change is reflected in the new certificate. Restart can be used at any point during the renewal process

  • The Retry option clears the certificate error, then retries the last processing stage.

    If the certificate is currently in an error state, this option clears the error, then queues the certificate to retry the current stage. For example, if a certificate was configured with an invalid CA template, the administrator could reconfigure the CA template, and then click Retry to resume the renewal process.

    If there is an error on the certificate’s associated application(s), then Trust Protection Platform reattempts to install the certificate on the associated application(s). Disabled applications are skipped.

  • The Reset option clear errors and stages on the certificate and its associated applications, then stop processing.

    This option is provided for circumstances in which there is an error at some stage of the certificatelifecycle and the administrator decides to abort the current renewal process. For example, if a certificate completed the enrollment process, but failed when installing on one of the associated applications, the administrator could manually install the certificate on the application, and then click Reset to clear the error. In this instance, no further processing would be necessary.

In Policy Tree, the Restart, Retry, and Reset options display at the top of the certificate Summary page.