Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
tutorial:adm:modules_crt_lrt_notification [2024/03/26 21:37] cem |
tutorial:adm:modules_crt_lrt_notification [2024/04/23 10:59] (current) cem [Auto-Generating or Revocation of Certificates] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Modules - Certificates: | + | ====== Modules - Certificates: |
In this tutorial, we will create a new scheduled task. This scheduled task will send a notification a few days before a certificate expires. | In this tutorial, we will create a new scheduled task. This scheduled task will send a notification a few days before a certificate expires. | ||
Line 57: | Line 57: | ||
===== Auto-Renewal of Certificates ===== | ===== Auto-Renewal of Certificates ===== | ||
- | To enable auto-renewal of certificates before expiration, you would need to set **CertificateRenewalTaskExecutor **in (**Settings → Scheduler and Scheduled Tasks**) that triggers renewal tasks automatically in defined times. There should be a set how many days before the expiration of a certificate the renewal process should be initiated. This ensures that certificates are renewed. | + | To enable auto-renewal of certificates before expiration, you would need to set **CertificateRenewalTaskExecutor **in (**Settings → Scheduler and Scheduled Tasks**) that triggers renewal tasks automatically in user defined times its not automatically sett. There should be a set how many days before the expiration of a certificate the renewal process should be initiated. This ensures that certificates are renewed. |
Setting conditions before renewal: | Setting conditions before renewal: | ||
Line 76: | Line 76: | ||
{{.: | {{.: | ||
- | The task showed in this image is designed to renew certificates with 5 days or less remaining validity. It checks whether the owner of the certificate holds a specific role, in this case, the role " | + | The task showed in this image is designed to renew certificates with 5 days or less remaining validity. |
+ | |||
+ | <note important> | ||
+ | |||
+ | ===== Auto-Generating or Revocation of Certificates ===== | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | To enable auto-generating or revocating of certificates, | ||
+ | === Setting example and explanation what will happen when LRT starts: === | ||
+ | |||
+ | Role - defines ownership of certificate | ||
+ | |||
+ | {{.: | ||
+ | |||
+ | LRT check conditions for each user: | ||
+ | |||
+ | User have role **Certificate** and don't have valid certificate → LRT will generate new certificate for him. | ||
+ | |||
+ | User have role **Certificate** and one or more valid certificates → nothing will be changed. | ||
+ | |||
+ | User don't have role **Certificate** and have one or more valid certificates → LRT will revoke certificate o. | ||
+ | |||
+ | User don’t have role **Certificate** and don’t have certificate → nothing will be changed | ||
+ | |||
+ | At the end of this task every user with defined role will have certificate. | ||