GlobalSign
SecTrail CM integrates with the GlobalSign ManagedSSL service to centrally manage ordering, renewal, and revocation of SSL/TLS certificates.
Connection Requirementsβ
| Requirement | Detail | Description |
|---|---|---|
| Protocol | SOAP API (HTTPS) | GlobalSign ManagedSSL API is used |
| API Endpoint | https://system.globalsign.com/kb/ws/v1/ManagedSSLService?wsdl | ManagedSSL SOAP service |
| Authentication | Basic Authentication | Authentication with Username and Password |
| User Permission | ManagedSSL API Access | Certificate order, query, and management permission |
Automatic Operationsβ
SecTrail CM automatically performs the following operations on GlobalSign:
- Certificate Order: Creating a new SSL/TLS certificate request
- Order Query: Viewing the status of existing certificate orders
- Certificate Renewal: Renewing certificates about to expire
- Certificate Revocation: Revoking certificates that are no longer used or compromised
Configuration Stepsβ
1. Add GlobalSign Profileβ
Navigate to Integrations > GlobalSign and click the Add New Global Sign Profile button:
Enter the following information:
- Name: Give a descriptive name for the profile
- URL: GlobalSign ManagedSSL API endpoint address
https://system.globalsign.com/kb/ws/v1/ManagedSSLService?wsdl
- Username: Your GlobalSign API username
- Password: Your GlobalSign API password
- Proxy: Proxy usage (Enable/Disable)
Click Submit button to save the profile.
GlobalSign will use the specified contact information for certificate operations. Ensure this information is accurate and up-to-date.
2. View GlobalSign Accountsβ
After adding a profile, it will be displayed in the Integrations > GlobalSign list:
The list screen displays the following information:
- Name: Profile name
- URL: API endpoint address
- Username: Username
- Domain Details: Associated domain information
Account Operationsβ
The following operations can be performed for each profile:
- Refresh (π): Refresh profile information
- Edit (βοΈ): Edit profile settings
- Delete (ποΈ): Delete profile
View Certificate Ordersβ
After GlobalSign integration, you can view all your certificate orders:
Navigate to Integrations > GlobalSign > Orders:
Order Informationβ
| Field | Description |
|---|---|
| Order Request Date | Certificate request date |
| Order | GlobalSign order number |
| Common Name | Domain name where the certificate will be used |
| Product | Certificate product type |
| Status | Certificate status (Issued, Pending, etc.) |
| Days | Remaining validity period (days) |
Certificate Statusesβ
- Issued π’: Certificate successfully issued and active
- Pending π‘: Order is being processed
- Revoked π΄: Certificate revoked
- Expired β«: Certificate expired
Certificate Managementβ
Certificate Renewal (Renew)β
To renew certificates about to expire:
- Navigate to Integrations > GlobalSign > Orders
- Find the certificate you want to renew
- Click Renew Certificate button (π green icon)
- Confirm the renewal
It is recommended to start renewing certificates at least 30 days before the expiration date.
Certificate Revocation (Revoke)β
To revoke compromised or no longer used certificates:
- Navigate to Integrations > GlobalSign > Orders
- Find the certificate you want to revoke
- Click Revoke Certificate button (π« red icon)
- Confirm the revocation
Once a certificate is revoked, this action cannot be undone. A revoked certificate can no longer be used.