Skip to content

CERT_REQUEST_PROCESSED Audit Event

Jump to bottom
Endi S. Dewata edited this page May 31, 2023 · 4 revisions

Overview

The CERT_REQUEST_PROCESSED audit event is generated when a certificate request has just been through the approval process.

Properties:

  • SubjectID must be the UID of the agent who approves, rejects, or cancels the certificate request

  • ReqID must be the request ID

  • InfoName must be value certificate (in case of approval), rejectReason (in case of rejection), or cancelReason (in case of cancelation)

  • InfoValue must contain the certificate (in case of success), a rejection reason in text, or a cancelation reason in text

Examples

Approved Requests

Use PKI CLI to approve a certificate request:

$ pki -n caadmin ca-cert-request-review 7 --action approve

In PKI 10.4.5 or later the server will generate a log with the certificate serial number:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=caadmin][Outcome=Success][ReqID=7]
[CertSerialNum=7] certificate request succeeded

Prior to 10.4.5 the server will generate an event with the base64-encoded certificate data:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=caadmin][Outcome=Success][ReqID=7]
[InfoName=certificate][InfoValue=MIIDBD...] certificate request processed

See also:

Rejected Requests

Use PKI CLI to reject a certificate request:

$ pki -n caadmin ca-cert-request-review 7 --action reject

In PKI 10.4.5 or later the server will generate a log with [Outcome=Failure]:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=caadmin][Outcome=Failure][ReqID=7]
[InfoName=rejectReason][InfoValue=<null>] certificate request processed

Prior to PKI 10.4.5 the server will generate an event with [Outcome=Success]:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=caadmin][Outcome=Success][ReqID=7]
[InfoName=rejectReason][InfoValue=<null>] certificate request processed

Canceled Requests

Use PKI CLI to cancel a certificate request:

$ pki -n caadmin ca-cert-request-review 7 --action cancel

In PKI 10.4.5 or later the server will generate a log with [Outcome=Failure]:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=caadmin][Outcome=Failure][ReqID=7]
[InfoName=cancelReason][InfoValue=<null>] certificate request processed

Prior to 10.4.5 the server will generate the an event with [Outcome=Success]:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=caadmin][Outcome=Success][ReqID=7]
[InfoName=cancelReason][InfoValue=<null>] certificate request processed

Invalid Requests

Use PKI CLI to submit an invalid certificate request:

$ pki client-cert-request UID=testuser --profile caServerCert

The server will generate the following events:

[AuditEvent=CERT_REQUEST_PROCESSED][SubjectID=$NonRoleUser$][Outcome=Failure][Re
qID=7][InfoName=rejectReason][InfoValue=Request 7 Rejected - Subject Name Not Ma
tched UID=testuser] certificate request processed
Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
Clone this wiki locally