- Would each step (except for the sleep) be a separate Activity or would it make sense to handle everything directly from the Workflow?
Yes, interactions with your credentials provider for fetching/validating certs, and interactions with the different services, should be done via activities.
- How would it be best to handle the errors if a request to an external service fails?
One way would be to poll this service; see forum post here (associated Java code samples here if it helps).