[openxpki.git] / trunk / deployment / etc / templates / default / workflow_activity_certificate_signing_request.xml
| blob | f0d921f130d9b44d0ab3347b07dfe5228369d144 |
1 <actions>
2 <!-- this action name has not to be human readable -->
3 <!-- because it is only used to initialize the workflow -->
4 <action name="create_csr"
5 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
6 source="USER">
7 <field name="cert_role"/>
8 <field name="cert_profile"/>
9 <field name="cert_subject_style"/>
10 <field name="cert_subject_parts"/>
11 <field name="cert_subject_alt_name_parts"/>
12 <field name="cert_info"/>
13 <field name="csr_type"/>
14 <field name="spkac"/>
15 <field name="pkcs10"/>
16 <field name="bulk"/>
18 <validator name="KeyLength"/>
20 <validator name="Bulk">
21 <arg>$bulk</arg>
22 </validator>
24 <validator name="KeyReuse">
25 <arg>$csr_type</arg>
26 <arg>$pkcs10</arg>
27 <arg>$spkac</arg>
28 </validator>
30 <!-- do not use field with is_required -->
31 <!-- because this ignores the order of the validators -->
32 <validator name="HasRequiredField">
33 <arg>cert_role</arg>
34 </validator>
35 <validator name="CertRole">
36 <arg>$cert_role</arg>
37 </validator>
38 <validator name="HasRequiredField">
39 <arg>cert_profile</arg>
40 </validator>
41 <validator name="CertProfile">
42 <arg>$cert_profile</arg>
43 <arg>$cert_profile_id</arg>
44 <arg>$cert_role</arg>
45 </validator>
46 <validator name="HasRequiredField">
47 <arg>cert_subject_style</arg>
48 <arg>cert_subject_parts</arg>
49 </validator>
50 <validator name="CertSubjectParts">
51 <arg>$cert_profile</arg>
52 <arg>$cert_profile_id</arg>
53 <arg>$cert_subject_style</arg>
54 <arg>$cert_subject_parts</arg>
55 </validator>
56 <validator name="HasRequiredField">
57 <arg>cert_subject_alt_name_parts</arg>
58 </validator>
59 <validator name="CertSubjectAltNameParts">
60 <arg>$cert_profile</arg>
61 <arg>$cert_subject_style</arg>
62 <arg>$cert_subject_parts</arg>
63 <arg>$cert_subject_alt_name_parts</arg>
64 </validator>
65 <validator name="HasRequiredField">
66 <arg>cert_info</arg>
67 <arg>csr_type</arg>
68 </validator>
69 <validator name="SPKAC">
70 <arg>$csr_type</arg>
71 <arg>$spkac</arg>
72 </validator>
73 <validator name="PKCS10">
74 <arg>$csr_type</arg>
75 <arg>$pkcs10</arg>
76 </validator>
77 </action>
78 <action name="notify_user_of_creation"
79 class="OpenXPKI::Server::Workflow::Activity::Tools::Notification"
80 message="csr_created">
81 <validator name="KeyLength"/>
82 </action>
83 <action name="notify_user_of_issuance"
84 class="OpenXPKI::Server::Workflow::Activity::Tools::Notification"
85 message="certificate_issued">
86 </action>
87 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_CSR_ROLE"
88 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
89 source="OPERATOR">
90 <!-- do not use field with is_required="yes" -->
91 <!-- because this ignores the order of the validators -->
92 <field name="cert_role"/>
93 <validator name="CertRole">
94 <arg>$cert_role</arg>
95 </validator>
96 </action>
97 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_CSR_PROFILE"
98 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
99 source="OPERATOR">
100 <!-- do not use field with is_required="yes" -->
101 <!-- because this ignores the order of the validators -->
102 <field name="cert_profile"/>
103 <validator name="CertProfile">
104 <arg>$cert_profile</arg>
105 </validator>
106 </action>
107 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_CSR_SUBJECT_STYLE"
108 class="Workflow::Action::Null">
109 <!-- do not use field with is_required="yes" -->
110 <!-- because this ignores the order of the validators -->
111 <field name="cert_subject_style"/>
112 </action>
113 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_NOTBEFORE"
114 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
115 source="OPERATOR">
116 <field name="notbefore"/>
117 <validator name="ValidityTime">
118 <arg>$notbefore</arg>
119 </validator>
120 </action>
121 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_NOTAFTER"
122 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
123 source="OPERATOR">
124 <field name="notafter"/>
125 <validator name="ValidityTime">
126 <arg>$notafter</arg>
127 </validator>
128 </action>
129 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_CSR_SUBJECT"
130 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
131 source="OPERATOR">
132 <!-- do not use field with is_required="yes" -->
133 <!-- because this ignores the order of the validators -->
134 <field name="cert_subject"/>
135 </action>
136 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_CSR_SUBJECT_ALT_NAME"
137 class="OpenXPKI::Server::Workflow::Activity::Tools::SetSource"
138 source="OPERATOR">
139 <!-- do not use field with is_required="yes" -->
140 <!-- because this ignores the order of the validators -->
141 <field name="cert_subject_alt_name"/>
142 </action>
143 <action name="I18N_OPENXPKI_WF_ACTION_CHANGE_CSR_INFO"
144 class="Workflow::Action::Null">
145 <!-- do not use field with is_required="yes" -->
146 <!-- because this ignores the order of the validators -->
147 <field name="cert_info"/>
148 </action>
149 <action name="I18N_OPENXPKI_WF_ACTION_APPROVE_CSR"
150 class="OpenXPKI::Server::Workflow::Activity::Tools::Approve"
151 pkcs7tool="testsceppkcs7tool1"
152 multi_role_approval="0"
153 check_creator="0">
154 <!-- if multi_role_approval is set to 1, a user is allowed
155 to approve the certificate request with different
156 session roles -->
157 <field name="_check_hash"/>
158 <field name="_signature"/>
159 <field name="_signature_text"/>
160 <validator name="ValidApprovalSignatureCSR">
161 <arg>$_signature</arg>
162 <arg>$_signature_text</arg>
163 </validator>
164 </action>
165 <action name="I18N_OPENXPKI_WF_ACTION_EXPORT_CSR"
166 class="OpenXPKI::Server::Workflow::Activity::Tools::Export"
167 export_destination="0"
168 export_state="INITIAL_IMPORT">
169 </action>
170 <action name="I18N_OPENXPKI_WF_ACTION_PERSIST_CSR"
171 class="OpenXPKI::Server::Workflow::Activity::CSR::PersistRequest">
172 </action>
173 <action name="I18N_OPENXPKI_WF_ACTION_CANCEL_CSR_APPROVAL"
174 class="OpenXPKI::Server::Workflow::Activity::Tools::CancelApprovals">
175 </action>
176 <action name="I18N_OPENXPKI_WF_ACTION_REJECT_CSR"
177 class="OpenXPKI::Server::Workflow::Activity::Tools::Notification"
178 message="csr_rejected">
179 </action>
180 <action name="I18N_OPENXPKI_WF_ACTION_SLEEP_FOR_CHILD"
181 class="OpenXPKI::Server::Workflow::Activity::Tools::Sleep"
182 time="10">
183 </action>
185 <action name="I18N_OPENXPKI_WF_ACTION_FORK_CERT_ISSUANCE_INSTANCE"
186 class="OpenXPKI::Server::Workflow::Activity::Tools::ForkWorkflowInstance"
187 workflow_type="I18N_OPENXPKI_WF_TYPE_CERTIFICATE_ISSUANCE"
188 role="CA Operator">
189 </action>
190 <action name="I18N_OPENXPKI_WF_ACTION_EXPORT_FINISHED_CSR"
191 class="OpenXPKI::Server::Workflow::Activity::Tools::Export"
192 export_destination="0"
193 export_state="SUCCESS">
194 </action>
195 <action name="I18N_OPENXPKI_WF_ACTION_EXPORT_FAILED_CSR"
196 class="OpenXPKI::Server::Workflow::Activity::Tools::Export"
197 export_destination="0"
198 export_state="FAILURE">
199 </action>
200 <action name="null"
201 class="Workflow::Action::Null">
202 </action>
203 <action name="generate_key"
204 class="OpenXPKI::Server::Workflow::Activity::CSR::GenerateKey">
205 <field name="_key_type"/>
206 <field name="_key_gen_params"/>
207 <field name="_password"/>
208 <validator name="PasswordQuality">
209 <arg>$_password</arg>
210 </validator>
211 </action>
212 <action name="generate_pkcs10"
213 class="OpenXPKI::Server::Workflow::Activity::CSR::GeneratePKCS10">
214 </action>
216 <action name="child_finished_successfully"
217 class="Workflow::Action::Null"/>
219 <action name="child_finished_failure"
220 class="Workflow::Action::Null"/>
221 </actions>