Applies to:
Venafi Encryption Director 6.1 and above, TrustAuthority / TrustForce 14.1 and above
Summary:
Currently Venafi Encryption Director does not allow for Workflow to be bypassed on first time enrollment, however this can be accomplished in the production using the following method:
Rather than having workflow approval required at Stage 0 for someone to acknowledge that they want to renew a certificate, (1) disable automatic renewal for certificates, (2) customize expiration related notifications to instruct the recipient to log into Director and click 'Renew Now' on the certificate if it needs to be renewed or check the 'Processing Disabled' box if it should be retired.
There is effectively no difference between that and having Director automatically begin the renewal process stopping at Stage 0 and sending out a notification to someone to log in and approve the workflow ticket if it needs to be renewed.
Comments
What is the approver is a business application owner who is only approving the change window. This business approver do not need to know all the details with respect to Venafi's "Renew Now" button etc..
It would be easier for a business approver to just approve and let Venafi proceed with its certificate issuance process. Are there other means to differentiate New cert request vs a renewal?