Hello Ryan, for automated enrollments (via SCEP/EST/RPC) you can use the "eligiblity" check to provide so called approval points to a request
https://openxpki.readthedocs.io/en/stable/reference/configuration/workflows/scep.html#eligibility There is a post on the ML on this already https://sourceforge.net/p/openxpki/mailman/message/36609384/ If you want this for the manual request workflow, you need to write a similar workflow step yourself and skip the approval loop based on the workflow contents. You should be able to reuse the code/config from the enrollment workflow. Oliver Am 05.03.20 um 20:47 schrieb Ryan, Spencer: > Hello all, > > > > New user here, and I’ve done a ton of searching but unfortunately either > the info isn’t there or I’m not using the right terms. > > > > I’m trying to get a simple workflow set up for our users. What I want is > that for specific subdomains, no approval should be necessary for a > cert, but anything else would. > > > > Imagine *.labs.contoso.com is a free for all but contoso.com isn’t. > > > > Any tips/tricks/guides on how to configure that? > > > > *Spencer Ryan*| Senior Systems Administrator | [email protected] > <mailto:[email protected]> > > *Arbor Networks*| *The security division of NETSCOUT* > > +1.734.794.5033 (d) | +1.734.846.2053 (m) > > www.arbornetworks.com <http://www.arbornetworks.com/> > > > > > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users > -- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
