1. Fortanix
  2. Confidential Computing Manager
  3. User Guide

User's Guide: Domain and Application Image Approval

Last Updated: 

1.0 Domain Approval

An application whose domain is approved will get a TLS Certificate from Fortanix Confidential Computing Manager (CCM). This certificate will have the domain as a subject name which will allow all requests from this domain to be served by the application. If this domain is not approved, the image will run but it will not be issued any TLS certificate from Fortanix Confidential Computing Manager.

Prerequisites:

  1. An application should be created with a new domain.

Steps:

  1. Add a group as described in Create a Group.
  2. Add an application with a domain as described in Add an application.
  3. After the application is created successfully, click the Tasks menu item in the CCM UI left navigation bar for approving a domain approval task. tasks-landing-screen.png
    Figure 1: Tasks Tab for Domain Approval
  4. A domain approval task will be created for the application. Click the task and click Approve to approve the task (Figure 2). pending-landing-screen.png
    Figure 2: Task for App Domain Approval
  5. Any user in the account with an Administrator or Editor role can approve a task.
  6. After the task is approved, you can see your approved task with a summary in the Approved tab. approved-tab.png
    Figure 3: Approve Tasks

2.0 Image Approval

After an image is created and when an application runs from this converted image, the application will try to contact Fortanix Confidential Computing Manager and ask for a TLS Certificate. If the image is not approved, it will run but the Fortanix Confidential Computing Manager will deny this TLS Certificate. If the Fortanix CCM denies the TLS Certificate, then the application will not run. To run applications in the enclave over certificates issued by this service, an image needs to be approved. When an image is approved, it is added to the list of pending requests in the Tasks screen of the Fortanix Confidential Computing Manager UI. You can use the UI to approve or deny the request.

Prerequisites: An application created successfully.

Steps:

  1. Create an image of an application as described in Create an Image for an Application.
  2. After the image is created successfully, click the Tasks menu list in the CCM UI left navigation bar to approve the application image approval task.tasks-landing-screen.png
    Figure 4: Tasks Tab for Image Approval
  3. An application image approval task will be created for the application. Review the request, and then click Approve or Decline. image-pending-approval.png
    Figure 5: Tasks for Image Approval
  4. Any user in the account with an Administrator or Editor role can approve an image approval task.
  5. After the task is approved, click the Closed tab on the same page. Your closed task will now be listed with a summary. image-approved-tab.png
    Figure 6: Tasks for Image Approved

Comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful