Workflow management

Trust Protection Platform allows you to require approvals or run SSH commands at stages of the certificate lifecycle. You can apply workflows globally, or limit their action to only certificates associated with a specific application type such as a GSK keystore or Apache web server.

Application Workflows are defined in Workflow objects, but applied via folder. Workflow and folder are created and managed in the Policy tree. In the Policy tree hierarchy, Workflow objects are created under folder.

When you define a Workflow object that requires approval, you must also select an Approval Reason Code to provide explanations or instructions for the workflow approvers.

Although Approval Reason Codes are selected in Workflow objects in the Policy tree, the Reason Codes themselves are defined in the Workflow tree. In the Workflow tree, you define the Approval Reason Codes that you want to reference in Workflow objects.

The Workflow tree in the Policy Tree is also where approvers can view and manage Approval Requests. Approvers can see their own approved, pending, and rejected Approval Requests.

Workflow objects may be used at the Enrollment or Provisioning levels of certificate management to manage your organization’s certificate approval process or interject SSH commands at specific points of the certificate lifecycle. For more information, see Implementing certificate workflow management.