Enable your team to request and approve TLS certificates inside Slack. Users submit a domain in a Slack modal, the domain is checked for risk, and safe requests are issued automatically while risky ones get routed for human review. This is ideal for IT and security teams that want fast, safe certificate handling without leaving chat.

Incoming Slack events reach n8n through a webhook. The flow parses the payload, opens a Slack modal, and responds quickly so Slack does not time out. After submission, the workflow closes the modal, looks up the requester’s Slack email and team details, and scans the domain with VirusTotal. Results and context are merged. If no malicious reports are found, a Venafi TLS Protect Cloud node generates the CSR and issues the certificate. If risk is detected, OpenAI writes a short summary and a Slack message asks for manual approval. A domain format check runs before the request is sent.

Setup needs a Slack app with Events and Interactivity, API keys for VirusTotal and OpenAI, and Venafi access with the correct template and application IDs. Expect faster turnarounds, fewer errors, and clear approvals in Slack, even at high request volumes.

• Slack webhook intake and instant responses to keep interactions within Slack time limits.
• Interactive Slack modal to capture the domain and request details from the user.
• User and team enrichment using subworkflows that translate Slack IDs to email, name, and team data.
• VirusTotal domain scan via HTTP Request with results summarized for decision making.
• Conditional path that auto issues when there are zero malicious reports, or routes to review when risk appears.
• Venafi TLS Protect Cloud action that generates a CSR and issues the certificate using your template and application IDs.
• OpenAI generates a short risk summary for manual approvals posted back to Slack.
• Domain format validation before submitting the request to reduce errors.

• Reduce request handling time from hours to minutes by collecting inputs and approvals inside Slack.
• Automate up to 80 percent of low risk certificate requests based on VirusTotal results.
• Improve accuracy by validating domain format and removing manual copy and paste.
• Connect Slack, VirusTotal, Venafi, and OpenAI to keep data in sync across tools.
• Handle many requests at once with webhook driven routing and fast Slack responses.
• Give clear, auditable decisions in Slack with requester and scan context attached.

1. Import the template into n8n: Create a new workflow in n8n > Click the three dots menu > Select 'Import from File' > Choose the downloaded JSON file.
2. You'll need accounts with Slack, VirusTotal, Venafi TLS Protect Cloud and OpenAI. See the Tools Required section above for links to create accounts with these services.
3. Create or configure a Slack app: enable Event Subscriptions and Interactivity, then set the Request URL to the n8n Webhook URL from the Webhook node. Install the app to your workspace and copy the Bot Token.
4. In n8n, double click each Slack node and on the Credential to connect with dropdown, click Create new credential, then follow the on screen instructions to connect your Slack Bot Token.
5. For VirusTotal, open the VirusTotal HTTP Request node, create a new credential, and paste your VirusTotal API key from the VirusTotal account API page.
6. For Venafi TLS Protect Cloud, open each Venafi node, create a new credential, and follow the on screen steps. Update the applicationId and certificateIssuingTemplateId to match your Venafi account.
7. For OpenAI, open the OpenAI node, create a new credential, and paste your API key from your OpenAI account.
8. Check the Route Message and Parse Webhook nodes to ensure they read the Slack payload fields your app sends. Keep the domain input mapping aligned with your modal fields.
9. Review the domain validation expression in the Venafi node commonName field. Adjust only if your naming rules differ.
10. Enable the workflow and run a test from Slack. Trigger the interaction that opens the modal, submit a safe domain, and confirm a success message in Slack.
11. Verify in Venafi that a certificate was issued for safe domains. Submit a suspicious domain to confirm the manual approval message with an OpenAI summary appears in Slack.
12. If Slack times out, make sure Respond to Webhook nodes fire before heavy steps. If VirusTotal calls fail, check API quota and key. If Venafi rejects the request, confirm the template and application IDs and that your credential has the right permissions.