Viewing Certificate Requests

The Certificate Requests grid has three tabs: Pending, External Validation and Denied/Failed. Select the appropriate tab to the view desired certificate requests. You may also filter the list shown by entering all or part of a Requester Name and clicking Filter to change which requests are displayed.

Note: Certificate requests that require approval at the Keyfactor Command workflow

A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. level (see Workflow Definitions) do not appear on this page.

Pending

Typically a request in this state has been made using a template A certificate template defines the policies and rules that a CA uses when a request for a certificate is received. that requires manager approval at the CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. level before issuance. The request may be approved or denied from this tab of the certificate requests page or though action on a Pending Request Alert (see Pending Certificate Request Alerts). When the pending requests tab is selected, you will see Approve and Deny buttons activated at the top of the grid. By clicking Details, you can view the certificate details and Approve or Deny the request from the Certificate Request Details dialog. See Approving or Denying a Pending Certificate Request for more information.
External Validation

Certificate requests in this state require approval outside of Keyfactor Command. Certificates appearing on this tab generally are for requests made through one of the Keyfactor Command CA gateways using an EV certificate type. The requests appear here for reference only and cannot be approved or denied. Once a request has been approved using the cloud provider's EV approval process, the Keyfactor Command CA gateway and Keyfactor Command will import the issued certificate on the next synchronization. The synced certificate will move to the Certificate Search grid (see Certificate Search and Collections) and can be viewed there.
Denied/Failed

The denied/failed view shows requests that have been denied through Keyfactor Command as an action on the certificate requests page Pending tab though action on a Pending Request Alert (see Pending Certificate Request Alerts), or through a POST /Workflow/Certificates/Deny API An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. request (see POST Workflow Certificates Deny in the Keyfactor API Reference Guide), but does not include requests denied directly from the CA outside of Keyfactor Command.

Tip: The following permissions (see Security Roles and Claims) are required to use this feature:

Monitoring > Alerts > Read

The certificate requests grid includes these fields:

Request ID

The reference ID of the request from the Keyfactor database.
Common Name

The requested common name A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com). of the request.
Distinguished Name

The requested distinguished name of the request.
Submission Date

The date on which the request was submitted.

Certificate Authority

The CA against which the request was made.
Template

The short name of the template used to make the request.
Requester

The user or entity that made the request.
State

The request status—failed, pending or external validation as per the tab selected.

By default, the grid sorts in descending order with the most recent certificates at the top. The grid can be sorted in ascending or descending Submission Date order by clicking on the column header. The grid columns can be arranged in any order desired by click-holding and dragging the header of the column you wish to move. The column widths may also be adjusted by click-holding and dragging the line separating two column headers.

The Details button appears activated for all views. The details page includes the SANs, metadata Metadata provides information about a piece of data. It is used to summarize basic information about data, which can make working with the data easier. In Keyfactor Command, the certificate metadata feature allows you to create custom metadata fields that allow you to tag certificates with tracking information about certificates., and certificate stores scheduled for distribution for the request, in addition to the information shown on the main grid.

Figure 141: Certificate Request Details

Was this page helpful? Provide Feedback

Version v25.1.1

On this page: