Applies To:
Current versions of TPP
Summary:
Some applications such as Apache require a restart for the certificate changes to take affect, We have command injection within our workflows that can allow you to do this as part of the automated workflow
More Info:
Grouping your workflows logically:
The command you run is typically going to be specific to two things – OS and Webserver. So if you can group or name the workflows in a way to be reused as much as possible, put them in a folder that would be accessible to as many applications as possible.
You may check to see if you have any pre-defined workflows already setup in your instance. Easy way to do that is click on “Policy” -> “Administration” -> “Workflows”. This is where we typically define them for central use when setting up new systems. Then, apply these workflows to the folders you want by clicking the policy folder and going to the “Workflow” tab.
General Step by Step:
Here is a step by step if you wanted to create a workflow from scratch for a specific folder - for example if you wanted to have a restart command that was only specific to that folder for specific webserver type. There is a specific stage you will want to trigger your application restart, and it’s stage 1100. This is a pre-defined stage in the process of provisioning that is made for what you are trying to do. For a full definition of the stages, see here:
https://docs.venafi.com/Docs/current/TopNav/Content/Workflow/r-workflow-object-settings-tpp.php
In the Trust Protection Platform, you can use the RestartApplication stage (Stage 1100) in your certificate workflow to execute a command injection workflow after a certificate has been successfully provisioned. This stage can be used to restart your Apache web server.
Here's a high-level overview of how you might set this up:
- From the Platform menu bar, click Policy Tree.
- Navigate to the policy folder where you want to set up the workflow, right click on the folder and hit add.
- Select Workflow and “Standard Workflow”.
- In the Name field, enter a name for this stage, such as "Restart Apache RHEL".
- In the Stage Code field, enter 1100 for the RestartApplication stage.
- In the Command field, enter the command to restart your Apache web server. The specific command will depend on your server's operating system and configuration. For example on RHEL and CentOS the command is "service httpd restart".
- Save your workflow
Note: The exact steps and fields may vary depending on your specific setup and requirements. Always refer to the official Venafi documentation or consult with a Venafi expert for accurate information.
Comments