This article describes how to push certificates from Smart ID Certificate Manager to Smart ID Identity Manager.
...
To keep Certificate Manager and Identity Manager in sync, the certificates can be pushed from Certificate Manager via a 'Distribution Rule' to a HTTPS endpoint to Identity Manager. The push to Identity Manager will contain the certificate itself, a corresponding Certificate Template that it will be mapped on in Identity Manager. and optionally a BPMN process that will be executed with the push, for example to link the certificate to certain assets in Identity Manager.
...
| Expand |
|---|
|
- Identity Manager is installed
- Certificate Manager is installed
- Certificate Manager can reach the Identity Manager endpoint via an outgoing HTTPS connection
|
...
| Expand |
|---|
| title | Configure Certificate Manager |
|---|
|
- Create a distribution rule - Create distribution rule in Certificate Manager with the following parameters:
Protocol: HTTP URL: https://<idm_operator>:<port>/ws/certificate/register/<certificateCoreTemplate>[/<processDefinitionId>]?tenantId=<tenantId> If you want to authenticate to Identity Manager using HTTP basic authentication, use the port that does not require client authentication. <certificateCoreTemplate> stands for the core template the certificate will be stored as.
If you want Identity Manager to execute a process on the certificate after persisting it, specify an optional processDefinitionId. Payload: Cert Encoding: Base64 Content type: application/pkix-cert username/password: you may set an Identity Manager internal user username/password or preferably leave this blank and use certificate based authentication. - Create a certificate procedure - Create certificate procedure in Certificate Manager
- Add the distribution rule you created previously
- Create a token procedure - Create token procedure in Certificate Manager
- Add the certificate procedure you just created
|
...
