GET Workflow Certificates ID

The WorkflowClosed A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. GET /Certificates/{id} method is used to return details for a certificate enrollmentClosed Certificate enrollment refers to the process by which a user requests a digital certificate. The user must submit the request to a certificate authority (CA). request stored within Keyfactor Command that requires manager approval at the CAClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. level. This method returns HTTP 200 OK on a success with the specified certificate request. This method will return certificate requests with any state (e.g. Pending, Denied, External Validation).

Note:  Certificate requests that require approval at the Keyfactor Command workflow level (see Workflow Definitions in the Keyfactor Command Reference Guide) are not managed with this endpointClosed An endpoint is a URL that enables the API to gain access to resources on a server.. Instead, refer to the Workflow Definitions and Workflow Instances endpoints (see Workflow Definitions and Workflow Instances).
Note:  Certificate requests that require approval at the CA level are supported only for Microsort CAs and select CA gateways. This feature is not supported for EJBCA CAs. Use workflow for configuring Keyfactor Command-level approvals for EJBCA CAs (see Workflow Definitions in the Keyfactor Command Reference Guide).
Tip:  The following permissions (see Security Roles and Claims) are required to use this feature:

/monitoring/alerts/read/

Table 830: GET Workflow Certificates {id} Input Parameters

Name In Description
id Path

Required. An integer indicating the ID of the certificate request to retrieve.

Use the GET /Workflow/Certificates/Pending method (see GET Workflow Certificates Pending) to retrieve a list of all the certificate requests to determine the certificate request ID.

Table 831: GET Workflow Certificates {id} Input Parameters

Name

Description

Id

An integer indicating the reference ID in Keyfactor Command for the certificate request as stored in the Keyfactor Command database. This is not the same as the request ID issued by the CA. This maps to the KeyfactorRequestId parameter for pending certificate request approve and deny actions.

Note:  The reference ID for the certificate request in Keyfactor Command does not necessarily match the reference ID for the issued certificate in Keyfactor Command.
CARequestId An integer indicating the row index of the certificate request in the certificate authority.

CommonName

A string indicating the common name of the requested certificate.

DistinguishedName

A string indicating the distinguished name of the requested certificate.

SubmissionDate

The date and time at which the certificate request was received, as an ISO-8601 formatted UTC timestamp.
CertificateAuthority A string indicating the name of the certificate authority from which the certificate was requested in hostname\logical name format. For example:
corpca01.keyexample.com\\CorpIssuingCA1
Template A string indicating the name of the template used for the certificate request.
Requester A string containing the name of the identity that requested the certificate.

State

An integer indicating the request state of the certificate. The possible values are:

  • Unknown (0)
  • Active (1)
  • Revoked (2)
  • Failed (4)
  • Pending (5)
  • Certificate Authority (6)
  • Parent Certificate Authority (7)
  • External Validation (8)
StateString

A string indicating the request state of the certificate (e.g. Pending).
Metadata An object containing the metadata fields populated for the certificate request.
DenialComment A string containing the user-provided comment entered when the certificate request was denied.
KeyLength An integer indicating the key length of the certificate request.
SANs An array of strings listing the subject alternative name (SAN) elements of the certificate request.
CertStores

An array of objects containing the certificate store locations to which the certificate resulting from the request will be distributed once approved. ClosedShow certificate store location details.
Curve

A string indicating the OID of the elliptic curve algorithm configured used for the certificate request, for ECC certificate requests. Well-known OIDs include:

  • 1.2.840.10045.3.1.7 = P-256/prime256v1/secp256r1

  • 1.3.132.0.34 = P-384/secp384r1

  • 1.3.132.0.35 = P-521/secp521r1
SubjectAltNames

An array of objects indicating the subject alternative name (SAN) elements for the certificate request. ClosedShow SAN details.
Tip:  See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor APIClosed An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.