Requests
The Requests page lets you manage certificate operations that require administrator approval. It has two tabs: Sign requests for new certificate issuance and Revoke requests for certificate revocation.
Requests list
Navigate to Operation → Private SSL → Requests to view all pending and processed requests.
Sign requests tab
This tab shows certificate signing requests (CSRs) submitted for approval.
The list shows:
- Name: Common name with status badge (Requested, Signing, Signed, Denied, Canceled, Failed)
- Authority: The CA that will sign the certificate
- SAN: Subject Alternative Names
- Valid for: Requested validity period
- Administrator: CA owner who will approve or deny the request
- Requested by: Who submitted the request
- Requested at: When the request was submitted
- Requested IP: IP address of the requester
Revoke requests tab
This tab shows requests to revoke existing certificates.
The list shows:
- Name: Certificate common name with status badge (Requested, Revoking, Revoked, Denied, Canceled, Failed)
- Reason: Revocation reason
- Requested by: Who submitted the request
- Requested at: When the request was submitted
Creating a sign request
Sign requests can only be created from the CLI.
Create a new sign request:
alpacon csr createThis opens an interactive editor to configure the CSR settings.
List all sign requests:
alpacon csr lsView details of a specific request:
alpacon csr describe CSR_IDCreating a revoke request
To revoke an existing certificate:
- Go to Certificates tab and find the certificate
- Click on the certificate and select Revoke
- Select a revocation reason
- Click Submit
Or from the CLI:
alpacon revoke create --certificate CERT_ID --reason CODERevocation reason codes
| Code | Reason | Description |
|---|---|---|
| 0 | Unspecified | No specific reason provided |
| 1 | Key compromise | The certificate’s private key was compromised |
| 2 | CA compromise | The CA’s private key was compromised |
| 3 | Affiliation changed | The subject’s affiliation changed |
| 4 | Superseded | The certificate was replaced |
| 5 | Cessation of operation | The subject is no longer operating |
| 6 | Certificate hold | Temporarily suspended |
| 9 | Privilege withdrawn | The subject’s privileges were revoked |
| 10 | AA compromise | The attribute authority was compromised |
Approving requests
Sign requests
- Go to Requests → Sign requests
- Click on a pending request
- Review the request details
- Click Approve or Deny
When approved, the CA signs the request and issues the certificate.
Additional actions available from the web UI:
- Cancel: The requester can cancel their own request while the status is Requested
- Mark failed: Administrators can mark a request as failed
- Retry: Available when the status is Signing (e.g., after a transient error)
CLI:
alpacon csr approve CSR_ID
alpacon csr deny CSR_ID
alpacon csr delete CSR_IDRevoke requests
- Go to Requests → Revoke requests
- Click on a pending request
- Review the revocation details
- Click Approve or Deny
When approved, the certificate is added to the CA’s CRL.
Additional actions available from the web UI:
- Cancel: The requester can cancel their own request while the status is Requested
- Mark failed: Administrators can mark a request as failed
- Retry: Available when the status is Revoking (e.g., after a transient error)
CLI:
alpacon revoke approve REVOCATION_ID
alpacon revoke deny REVOCATION_ID
alpacon revoke cancel REVOCATION_IDRequest statuses
Sign request statuses
| Status | Description |
|---|---|
| Requested | Awaiting administrator approval |
| Signing | Approved and being signed by the CA |
| Signed | Certificate has been issued |
| Denied | Request was rejected by administrator |
| Canceled | Request was canceled by the requester |
| Failed | An error occurred during signing |
Revoke request statuses
| Status | Description |
|---|---|
| Requested | Awaiting administrator approval |
| Revoking | Approved and being processed |
| Revoked | Certificate has been revoked |
| Denied | Request was rejected by administrator |
| Canceled | Request was canceled by the requester |
| Failed | An error occurred during revocation |
Retrying failed requests
If a request fails due to a temporary issue, you can retry it from the web UI or CLI. In the web UI, a Retry button appears when the request status is Signing or Revoking.
Sign requests:
alpacon csr retry CSR_IDRevoke requests:
alpacon revoke retry REVOCATION_IDCanceling requests
Cancel a pending request before it’s processed. In the web UI, a Cancel button appears for the requester when the request status is Requested.
Sign requests:
alpacon csr delete CSR_IDRevoke requests:
alpacon revoke cancel REVOCATION_IDCLI commands
Sign request commands
| Command | Description |
|---|---|
alpacon csr ls | List all sign requests |
alpacon csr describe CSR_ID | View request details |
alpacon csr create | Create a new sign request |
alpacon csr approve CSR_ID | Approve a request |
alpacon csr deny CSR_ID | Deny a request |
alpacon csr retry CSR_ID | Retry a failed request |
alpacon csr delete CSR_ID | Cancel a pending request |
alpacon csr download-crt CSR_ID | Download the issued certificate |
Revoke request commands
| Command | Description |
|---|---|
alpacon revoke ls | List all revoke requests |
alpacon revoke describe REVOCATION_ID | View request details |
alpacon revoke create | Create a new revoke request |
alpacon revoke approve REVOCATION_ID | Approve a request |
alpacon revoke deny REVOCATION_ID | Deny a request |
alpacon revoke retry REVOCATION_ID | Retry a failed request |
alpacon revoke cancel REVOCATION_ID | Cancel a pending request |
Related topics
- Certificates - View issued certificates
- Authorities - Manage certificate authorities
- CLI reference: alpacon csr - Full CSR command reference
- CLI reference: alpacon revoke - Full revoke command reference