Updates an enrollment with changes. Response type varies depending on the type and impact of change. For example, changing SANs list may return HTTP 202 Accepted since the operation requires a new certificate and network deployment operations, and thus can't be completed without a change. On the contrary, for example a Technical Contact name change may return HTTP 200 OK assuming there are no active change and when the operation does not require a new certificate.
Note that fipsMode requires that TLS 1.2, TLS 1.3, or both are enabled on the certificate. You can’t list these TLS versions as disabled in the disallowedTlsVersions deployment object. When fipsMode is enabled, you need to use an active (non-deprecated) cipher profile for both mustHaveCiphers and preferredCiphers. For details, see Update SSL/TLS cipher profiles.