Skip to content

PKI Change Requests

PKI Change Requests provide a controlled way to modify, delete, or change the state of certificate profiles. All changes require approval before they take effect.

Why Change Requests?

Certificate profiles may be shared across multiple products. Direct modifications could have unintended side effects. The change request workflow ensures:

  • Changes are reviewed before being applied
  • An audit trail of all modifications
  • Protection against accidental changes

Change Types

Modify Profile

Allows modifying the fields of an existing profile. When creating a modify request:

  1. Select the target profile from the list
  2. The current profile fields are loaded for editing
  3. Modify the desired fields (DN, algorithms, validity, key usage, etc.)
  4. Submit for approval

Note

Only profiles in Ready state are available for modification. Profiles in other states are filtered out.

Set Profile to Be Deleted

Marks a profile for deletion. This changes the profile state to ToBeDeleted.

  • Only profiles in Ready state that are not used by any product are shown
  • The profile is not immediately deleted; it is marked for deletion
  • A separate delete action can permanently remove profiles in ToBeDeleted state

Warning

Deleting a profile is irreversible. Ensure the profile is no longer needed before proceeding.

Set Profile to Ready

Restores a profile to Ready state from ToBeDeleted state.

  • Only profiles currently in ToBeDeleted state are shown
  • This effectively cancels a pending deletion

Approval Flow

  1. Create - User creates a change request and submits it for approval
  2. Review - An approver reviews the requested changes
  3. Approve/Reject - The approver can approve or reject the request
  4. Applied - Approved changes are automatically applied to the profile

Fields

Field Description
Name A descriptive name for the change request
Description Optional details about why the change is needed
Change Type The type of change (Modify, Delete, Ready)
Profile The target profile to be changed

For the full PKI documentation, see the Certificate Management Guide.