Artifact Signing - no document request email, no progress indicator

Question

My Public Identity for Azure Artifact Signing has been approved, but when creating a Private Trust certificate profile, the CN/O/OU dropdown is empty. The portal says “complete the identity validation,” but no document requests are pending.

I need some confidence that this will keep moving along. Without email or an indicator that it is in progress, all I can assume is this has concluded without notice.

Please complete the organization verification and enable my certificate subject (CN/O/OU) so I can create a Private Trust certificate profile for code signing.

Answer 1

You need to complete a Private identity type for creating Private Trust certificates. The Public identity works for publicly trusted certificate profiles.

Answer 2

Organization and individual identity validation must complete successfully before certificate subject values (CN/O/OU) become available for certificate profiles.

Key points from the service behavior:

1. Identity validation is a prerequisite for any certificate profile
   • A certificate profile can be created only after at least one identity validation request is completed.
   • Identity validations and certificate profiles are aligned to either Public Trust or Private Trust; a Private Trust certificate profile still relies on the completed identity validation resource for its subject DN values.
2. Public vs. Private identity validation
   • Public Trust and Private Trust are identity validation types, not separate organizations. Public Trust requires full validation per the Microsoft PKI CPS; Private Trust relies primarily on the Azure tenant information and performs minimal additional verification.
   • For Private identity validation, the Organization Name defaults to the Microsoft Entra tenant name, and an Organizational Unit (OU) can be entered during the identity validation request.
3. When identity validation appears stuck or incomplete
   • If the portal indicates “complete the identity validation” and the CN/O/OU dropdown is empty, the service is still treating the identity validation as incomplete for the attributes required by the certificate profile.
   • Creating additional identity validation requests for the same entity that is already in progress does not help and identity validation requests cannot be expedited.
4. Required actions
   • Verify that the identity validation resource associated with the Private Trust certificate profile is in Completed status in the Artifact Signing account → Identity validations blade.
   • If the status is In Progress or Action Required, follow any instructions there. If no document request is visible but the portal still blocks certificate subject selection, contact Azure Support for Artifact Signing to have the validation state and subject attributes reviewed.
   • If the current identity validation ultimately fails (for example, due to email verification or documentation issues), a new identity validation request must be created and completed before CN/O/OU values will populate.
5. How to get support and confirmation
   • For assistance with identity validation issues (including missing document requests, unclear status, or blocked subject selection), use Azure Support or Microsoft Q&A with the artifact-signing tag as documented. Support can confirm whether organization verification is complete and ensure the identity validation is correctly associated so CN/O/OU values become available for the Private Trust certificate profile.

These steps ensure that once the identity validation resource is truly in Completed state and aligned with the certificate profile type, the certificate subject (CN/O/OU) will be enabled for creating the Private Trust certificate profile.

---

References:

• Artifact Signing FAQ
• Quickstart: Set up Artifact Signing
• Artifact Signing resources and roles
• Artifact Signing certificate management