We are currently integrating Automation Cloud with CyberArk. During the process, there is a step to Configure the authentication method. Could you please provide more details on how to configure the authentication method using certificate serial number?
We are following the link shared. However, could you please explain how to configure the authentication method using certificate serial number? This is Step 6 as shown in the screenshot.
Old post, @sachishekar Did you find what you are looking for?
CyberArk CCP (Central Credential Provider Web Service) Integration as described in the following document that you took your screenshot from is configuring authentication using a Client Certificate used to validate the authenticity of the connecting User/Service, the Serial Number comes from the Client Certificate being used.
Alternatively you can install the CyberArk AAM (Application Access Manager) on your Orchestrator node and integrate with CyberArk that way as documented in
Who can help me to get this client certificate to authenticate UiPath Orchestrator against CyberArk. I need to enter the client certificate details in CyberArk and Orchestrator for configuration.
I imagine in Cloud UiPath you only have access to configure CyberArk CCP and not CyberArk AAM as AAM requires the installation of a CyberArk Client.
The links I provided back in January should help you out as well as the docs on Managing Credential Stores
But in any case, when you configure Credential Store for your Orchestrator Tenant and using CyberArkCCP as the Type, a few of the fields you provide are the following.
Client Certificate (You generate a self-signed certificate (Using apps/commands of your choice, if your organization has an internal issuing CA, or Request from a CA: digitcert, verisign, etc. Which will often have a cost associated with it , alternatively you might be able to use a service like LetsEncrypt, but might not be suitable due to only being valid for 90 days which would be a bit of overhead to manage on your part, if you could automate the certificate rotation between Orchestrator and CyberArk)
Client Certificate Password (if there is one)
Server Root Certificate (If the CyberArk Server uses a self-signed certificate or a certificate that would otherwise not be signed by a Trusted Root CA that Orchestrator doesn’t already trust)
Your CA should have instructions on how to do that for them, can be as simple as filling out a form. If you actually need to generate a CSR to submit to your CA, you can use openssl to generate a key and csr. I quick search on Google will have a lot of information.
I’m sure there are other ways out there, but if not already using a Certificate Identity/Management Service, I generally fallback to openssl.