Versions Compared

Old Version 11

changes.mady.by.user Kent Engström

Saved on

compared with

New Version 12

changes.mady.by.user Kent Engström

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: API

...

Code Signing Certificates

We will update this section when a SUNET TCS member has found the need for a code signing certificate, gone through the procedure and shared the experience with us.

Notifications

Under Settings → Notifications you can add and edit what notifications the system will send you when certain conditions are met. Use the Add button to have a look at the various Notification Types that are available.

...

Pål to write about what needs to be configured on the IdP side, both for general attribute release so it works to authenticate using ones IdP towards the SCM system, and also the specific attributes that will be used to the Sectigo version of the client certificates self-service-via-SAML portal.

Using the REST API

Point to Sectigo REST API documentation .

Discuss creating API users and how to use the WS API only privilege.

can be found at https://support.sectigo.com/Com_KnowledgeProductPage?c=Sectigo_Certificate_Manager_SCM in the "SCM - Sectigo Certificate Manager REST API"  document.

Authentication is via login name and password for a RAO or DRAO admin. The customerUri is "sunet".

We recommend that your create separate RAO or DRAO admins to use with the API instead of reusing the same admins as for web UI work. To create an API-only admin:

  • Use your RAO to create the new admin as you would create a "normal web UI admin", including setting a temporary password.
  • Login to the new admin and perform the mandatory initial password change for it.
  • Back with your original RAO, edit the new admin and set the "WS API use only" flag for it.

To be allowed to use the API calls for handling certificates, you must edit the appropriate Organization or Department object, and on the SSL Certificate tab, enable the Web API checkbox. You will be required to provide a value for the Secret Key field too. Enter a good random value there and promptly forget it. As far as we are aware, that secret is not used for the current REST APITell admins to enable Web API for Org/Dept tab "SSL Certificate" to make API work for that part.