Adding Renewal Handlers to Expiration Alerts

Important:  Renewal alerts will not function until you configure security permissions for the renewal handler as per Configure Legacy Automated Renewal Permission in the Keyfactor Command Server Installation Guide.
Important:   Handlers are only used by alerts when the legacy alerting system is used to deliver alerts, not the newer workflowClosed A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. system.

To add a renewal handler to an expiration alert:

  1. Edit an existing expiration alert or create a new one. See Expiration Alert Operations.

  2. Check the Use handler box and select the renewal event handler in the dropdown.

    Figure 178: Use Renewal Event Handler on Expiration Alert

    Tip:  If the expected event handler types do not appear, confirm that they exist and are enabled on the Event Handler Registration page (see Event Handler Registration).

  3. Click the Configure button in the Use handler section of the page to open the Configure Event Handler dialog and then click Add.

    Figure 179: Expiration Alert with URL Event Handler

  4. In the Configure Event Handler ParameterClosed A parameter or argument is a value that is passed into a function in an application. dialog, select Renewal URL as the parameter Type, and enter the URL to the Keyfactor Command server hosting the Keyfactor APIClosed An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. component followed by /KeyfactorApi in the Value field. Click Save to save your first parameter.
  5. If desired, you can configure a renewal templateClosed A certificate template defines the policies and rules that a CA uses when a request for a certificate is received. and CAClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. for use with the renewal event handler. These settings are optional. If you don’t set these, the renewal will be done using the template and CA originally used on the certificate. If you set only one of these—for example, the template—it will use the setting from the renewal event handler for that and retrieve the other—for example, the CA—from the certificate.

  6. Test the alert as described in Expiration Alerts. It is not necessary to check the Send Alerts box during the test.

    Important:  Renewals are processed and new certificates are issued during expiration alert tests with associated renewal handlers.