Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.


Expand/Collapse All

Description

Use this task to create a new domain request in the QuoVadis Certificate Authority. It is saved as a request core-object in a dedicated data-pool.

Prerequisites

Data-pool

  1. The data-pool must have the fields shown below. Pay special attention to the name of the Meta_CoreObjectState_-field which needs to end with the matching data-pool name:
  2. Note the field TransactionId which is used to store a UUID assigned by QuoVadis to each domain request. It is required to later query the status of the request.
    Usually the internal Requests table is used as data-source as shown below:

State-graph

  1. The state-graph must contain at least the following states: pending/approved/rejected (case-insensitive), with transitions from pending to both approved and rejected.
  2. If you want to disambiguate requests that did not yet have their state queried at the CA from those which are pending according to the CA, then add a start state sent before pending, as shown below, but this is optional (pending will be the start state when not using sent).

Request core-template

  1. You need a request core-template which uses the above data-pool and state-graph definitions:

Search-configuration (optional)

  1. Optionally you may configure a search-configuration for your request core-objects, for example, like this:

Configuration

To use this task, configure the following delegate expression in your service task:

${quoVadisRequestDomainParametrizedTask}

The following parameters can be configured in Identity Manager Admin:

ParameterMandatorySample ValueDescription
quoVadisConnection

MyQvConnectorConfigQuoVadis connection name.
organisation

My QV OrganisationQuoVadis organisation name.
adminEmail

qvadmin@mycompany.comQuoVadis administrator e-mail address.
domain

my.new.domain.comDomain or IP-address for which to issue the request.
isEV

falseWhether you want to use extended validation with this domain.
requestTemplate

QvDomainRequestThe core template name which should be used for the new QuoVadis domain request core objects.
errorMsgField

ErrorMsgThe name of the field in which to save the error message for errors that happen during CA request or when saving of the core-object.
If no such error happened, then this field is not set.
errorCodeField

ErrorCodeThe name of the field in which to save the error code for errors that happen during CA request or when saving of the core-object.
This can be either of the following:
  • caRequestFailed
    → could not issue the domain request at the CA
  • saveFailed
    → domain request was successful, but creating the request core-object failed

If no such error happened, then this field is not set.

Description

Use this task to query the status of a QuoVadis domain request in the Certificate Authority and update the state of the request core-object in Identity Manager accordingly.
This task requires a QuoVadis domain request core-object to be loaded into the process map before execution.

The QuoVadis API does not allow any other kind of interaction with a created domain request besides querying its status. For example, to cancel a request is not supported.

Prerequisites

The prerequisites of the Cert QuoVadis PKI: Create domain request task above also apply here.

Configuration

To use this task, configure the following delegate expression in your service task:

${quoVadisUpdateDomainRequestStatusParametrizedTask}

The following parameters can be configured in Identity Manager Admin:

ParameterMandatorySample ValueDescription
quoVadisConnection

MyQvConnectorConfigQuoVadis connection name.
organisation

My QV OrganisationQuoVadis organisation name.
requestDataPool

DpQuoVadisDomainRequestData-pool for QuoVadis domain requests.
errorMsgField

ErrorMsgThe name of the field in which to save the error message for errors that happen during CA request or when saving of the core-object.
If no such error happened, then this field is not set.
errorCodeField

ErrorCodeThe name of the field in which to save the error code for errors that happen during CA request or when saving of the core-object.
This can be either of the following:
  • caRequestFailed
    → could not query the domain request status at the CA
  • saveFailed
    → querying the request status was successful, but could not update the state of the request core-object

If no such error happened, then this field is not set.

Description

Use this task to save account domain list from QuoVadis Certificate Authority into Identity Manager lookup table. This task deletes the old domain list entry and creates a fresh entry in the configured lookup table.

Prerequisites

Create a lookup table-based datapool and core template name for storing the domain list information into Identity Manager.

Datapool

  1. The datapool must have the fields with the described names as shown in this figure. This field names are fixed and taken from DomainInfo response.

  2. Configure the datapool datasource as lookup table as shown in this figure:

       

Lookup table

  1. Create a lookup table which belongs to the Domain data pool. Any state graph can be assigned to this lookup table. 

       

Configuration

To use this task, configure the following delegate expression in your service task:

${quoVadisDomainListUpdateParametrizedTask}

The following parameters can be configured in Identity Manager Admin:

ParameterMandatoryValueDescription
quoVadisConnection


QuoVadis connection name.
coreTemplateName


The core template name which should be used for the new core objects. This core template should consist of lookup table type DomainList Datapool.