GCM Trigger

This section details how to configure the Triggers that will be used by Profiles to push or delete certificates to/from Google Certificate Manager.

Prerequisites

GCM Connector

How to configure GCM Trigger

1. Log in to Horizon Administration Interface.

2. Access GCM Triggers from the drawer or card: Third Parties  GCM  Triggers.

3. Click on Add Connector.

4. Fill the mandatory fields.

  • Name* (string input):
    Enter a meaningful trigger name. It must be unique for each trigger. Horizon uses the name to identify the trigger.

  • GCM Connector* (select):
    Select a GCM connector previously created.

  • Retries in case of error (int):
    Number of times to retry to push the change on the GCM repository in case of error. Must be an integer between 1 and 15.

5. Click on the save button.

You can update Edit Connector or delete Delete Connector the GCM Trigger.

Synchronization using triggers

Triggers are a functionality of WebRA, Intune PKCS, WCCE and CRMP profiles that allows to push lifecycle events into a third party whenever they occur on a profile.

1. Refer to the trigger documentation to create a trigger.

2. Create or modify the profile you wish to use the triggers on.

3. Go to the Triggers tab, then on Certificate lifecycle triggers

4. Chose which lifecycle events you wish to use triggers upon (enrollment, revocation, expiration)

5. Select one or more existing triggers from the menu (if several are selected, they will all be called whenever the selected event occurs)

6. Click on the Save button.

From now on, whenever a selected lifecycle event will occur on the configured profile, the trigger will be called and the and the certificate will be pushed into or removed from the third party container.

Google Certificate Manager requires the certificate CN to be a valid DNS hostname. If you try to push a certificate with a CN that is not a valid DNS hostname, you may receive a validation error stating that the "domain name doesn’t comply with RFC 1034 3.5 preferred name syntax (relaxed by RFC 1123 2.1)".

Therefore, we recommend validating the certificate CN using Horizon validation rules to ensure consistency between certificates in Horizon and on Google Certificate Manager.