Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Minor

...

  1. Start AWB and log in.

  2. Create a CA key as described in Create CA key in Certificate Manager.

    1. For generation 0, the key shall be an RSA key with a length of 1024 bits.

    2. For generation 1, the key shall be an RSA key with a length of 2048 bits.

    3. For generation 2 or 3 (CPI=0x70 or CPI=0x00), the key shall be an ECC key with a length of 256, 384, or 512 bits. SHA-2 must be used as the signature algorithm and its output size must match the key length.
      Note: CVC can only use brainpool curves.

  3. Create a CA as described in Create CA in Certificate Manager. Make sure the following values are chosen:

    1. In CA Authority Name, enter CVC ROOT.

    2. Set State to Active.

    3. In Domain, select Root.

    4. Set Authority type: CA

    5. In Issuing CA - check Self signed

    6. In Usage - check Certificate signing

    7. In Key - select the key created in step 2

    8. In Format - select cvc-ca

    9. Click the browse button and select field CV Certificate Data Elements and deselect all other options in the Fields Chooser dialog.

  4. Click the browse button belonging to CV Certificate Data Elements to open the dialog box.
    This dialog is displayed. Enter the values and click OK.

  5. When the root CA has been created, a new CA icon will appear in the Authority Hierarchy. Select or open the new CA in the hierarchy and double-click the certificate icon. The certificate is displayed in a specific dialog box. It is possible to save the certificate and the public key to files.

...

All the necessary preparations for CVCs have now been made. Use the CM Software Development Kit (SDK) to issue the certificates.

...

Additional information

Expand
titleUseful links