Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Create key procedure in Certificate Manager

Owned by Ann Base (Deactivated)
Last updated: Apr 09, 2024 by Ylva AnderssonVersion comment
2 min read

This article is valid for Certificate Manager 8.4 and later.

This article describes how to create a key procedure within Certificate Authority (CA) in Smart ID Certificate Manager (CM).

A key procedure defines the parameters to be used when issuing an end-user certificate or recovering an archived key. Besides the key, the corresponding certificate can also be recovered by using the reuse option. The certificate will then be identical with the original certificate. If the reuse option is not used, a new certificate will be created when it is recovered.

The key procedure can either be for archiving or recovering keys.

This task is done in the Administrator's workbench (AWB) in Certificate Manager.

Prerequisites

The following prerequisites apply:

  • Two administration officers must sign the request.

  • Both officers must have the following roles:

    • Use AWB

    • Policy tasks

  • A connection to the CM host must have been established (see Connect to a Certificate Manager host).

  • The following information is required by the administration officer during the task of creating a procedure for archiving keys:

    • The procedure name that will appear in the explorer bar

    • The key management to be used is archive

    • The key usage attributes required for the certificate

    • The key procedure format to be used

  • The following information is required by the administration officer during the task of creating a procedure for recovering keys:

    • The procedure name that will appear in the explorer bar

    • The key management to be used is recover

    • If the certificate should be reused or not, (that is, if the old certificate should be recovered or a new one issued with the recovered keys)

    • The key procedure format to be used

Create key procedure

 

Clicking Save at any time during the creation of the key procedure, before clicking OK, will save the data and place the incomplete procedure request in the Key Procedures sub-group.

To complete the creation of the CRL procedure at a later stage:

  • Highlight the procedure in the explorer bar.

  • Select Modify from the Edit menu, the toolbar, or the right-click shortcut menu.

To create a key procedure:

  1. In AWB, select New > Key procedure.

  2. In the Create Key Request dialog, enter the Procedure name that should appear in the Key Procedures sub-group in the explorer bar. This field is mandatory.

  3. Set the procedure State to Active or Closed as required.

  4. Select the Key management parameter.

    1. If Archive is selected as key management, check the Key usage parameters.

    2. If Recover is selected as key management, check Reuse if you want the original certificate to be recreated. If the certificate is not to be reused, a new certificate will be issued when the corresponding key is recovered.

  5. Click the browse button at Format and select the format to be used with this key procedure.

  7. Enter a Label to describe the object. (Refer to CKA_LABEL in the PKCS #11 specification for more info.)

  8. Click OK and sign the task. See Sign tasks in Certificate Manager for more information.

Related information

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions