Skip to content

Commit e24be1e

Browse files
author
Keyfactor
committed
Update generated docs
1 parent b551b88 commit e24be1e

1 file changed

Lines changed: 21 additions & 19 deletions

File tree

README.md

Lines changed: 21 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -206,23 +206,6 @@ The plugin supports the following standard CRL revocation reasons:
206206
| **HydrantIdAuthId** | API Authentication ID provided by HydrantId | Yes | `your-auth-id` |
207207
| **HydrantIdAuthKey** | API Authentication Key provided by HydrantId | Yes | `your-secret-auth-key` |
208208
209-
### Template (Product) Configuration
210-
211-
Each certificate template (policy) discovered from HydrantId requires configuration for enrollment:
212-
213-
| Parameter | Description | Required | Example |
214-
|-----------|-------------|----------|---------|
215-
| **ValidityPeriod** | Time unit for certificate lifetime | Yes | `Days`, `Months`, or `Years` |
216-
| **ValidityUnits** | Numeric value for the validity period | Yes | `365` (for 1 year in days), `12` (for 1 year in months), `2` (for 2 years) |
217-
| **RenewalDays** | Days before expiration to trigger renewal | Yes | `30` (renew within 30 days of expiration) |
218-
219-
**Important Notes:**
220-
- Template names (Product IDs) are automatically discovered from HydrantId using the GET /api/v2/policies endpoint
221-
- The ValidityPeriod and ValidityUnits combine to determine the certificate lifetime
222-
- RenewalDays determines the behavior for certificate renewal:
223-
- Within window: Performs a renewal operation (maintains certificate lineage)
224-
- Outside window: Performs a re-issue operation (new certificate enrollment)
225-
226209
### Gateway Registration Notes
227210
228211
- Each defined Certificate Authority in the AnyCA Gateway REST can support one HydrantId API endpoint
@@ -278,11 +261,30 @@ The plugin supports the following standard CRL revocation reasons:
278261
* **HydrantIdAuthId** - The AuthId Obtained from HydrantId.
279262
* **HydrantIdAuthKey** - The AuthKey Obtained from HydrantId.
280263
281-
2. TODO Certificate Template Creation Step is a required section
264+
2. ### Template (Product) Configuration
265+
266+
Each certificate template (policy) discovered from HydrantId requires configuration for enrollment:
267+
268+
| Parameter | Description | Required | Example |
269+
|-----------|-------------|----------|---------|
270+
| **ValidityPeriod** | Time unit for certificate lifetime | Yes | `Days`, `Months`, or `Years` |
271+
| **ValidityUnits** | Numeric value for the validity period | Yes | `365` (for 1 year in days), `12` (for 1 year in months), `2` (for 2 years) |
272+
| **RenewalDays** | Days before expiration to trigger renewal | Yes | `30` (renew within 30 days of expiration) |
273+
274+
**Important Notes:**
275+
- Template names (Product IDs) are automatically discovered from HydrantId using the GET /api/v2/policies endpoint
276+
- The ValidityPeriod and ValidityUnits combine to determine the certificate lifetime
277+
- RenewalDays determines the behavior for certificate renewal:
278+
- Within window: Performs a renewal operation (maintains certificate lineage)
279+
- Outside window: Performs a re-issue operation (new certificate enrollment)
282280
283281
3. Follow the [official Keyfactor documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Keyfactor.htm) to add each defined Certificate Authority to Keyfactor Command and import the newly defined Certificate Templates.
284282
285-
4. TODO Custom Enrollment Parameter Creation Step is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info
283+
4. In Keyfactor Command (v12.3+), for each imported Certificate Template, follow the [official documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Configuring%20Template%20Options.htm) to define enrollment fields for each of the following parameters:
284+
285+
* **ValidityPeriod** - The desired lifetime time period could be Days, Months or Years.
286+
* **ValidityUnits** - The desired lifetime time value some number indicating days, months or years.
287+
* **RenewalDays** - The window that determines whether it is a renewal vs a re-issue.
286288
287289
288290
## Installation

0 commit comments

Comments
 (0)