Document toolboxDocument toolbox

Create certificate profile

This article describes how a Workplace system administrator creates a certificate profile in the Workplace package in Smart ID Identity Manager.

A certificate profile is a bundle of certificate information that can be used while creating an asset and later on, based on the asset information, create different certificate requests. A certificate request can also optionally be issued without an asset on the certificate profile.

The following enrollment protocols are supported:

  • P10 - an actual certificate is retrieved which is linked to the certificate profile

  • P12 - an actual certificate is retrieved which is linked to the certificate profile

  • ACME - will as a result send data to Certificate Manager

  • SCEP - will as a result send data to Certificate Manager

Prerequisites

The system administrator role needs to be assigned. See Assign system administrator role for more information. 

Step-by-step instruction

Create certificate profile

  1. In Identity Manager Operator, in the Quick search drop-down list, select Workplace certificate profiles.

  2. Click Create certificate profile.

  3. Enter Profile name and select Enrollment protocol and Certificate template. 

  4. Click Next to proceed with the process or Cancel to close the process. 

  5. Optional: In Enrollment policy, select to enable an approval step for certificate requests and/or revocation.
    For more information, see Workplace - Approval handling. 

  6. Click Next.

  7. Optional: In Asset policy, select if an asset is required to enroll the certificate profile. For more information, see Create asset. 

  8. Click Next. 

  9. For the selected enrollment protocol, follow the instructions below:

  1. In P10 certificate policy data, submit the following details:

    • Key size: Select the certificate key size in the drop-down menu.

    • Key type: Key type is always RSA

    • Algorithm: Select the algorithm in the drop-down menu.

    • Country (C): Enter country code with a two-letter abbreviation, for example, SE or DE.

    • Organization: Enter your organization name.

  2. Click Next.

  3. Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

  1. In P12 certificate policy data, submit the following details:

    • Key size: Select the certificate key size in the drop-down menu.

    • Key type: Key type is always RSA

    • Algorithm: Algorithm is always SHA256

    • Country (C): Enter country code with a two-letter abbreviation, for example, SE or DE.

    • Organization: Enter your organization name.

  2. Click Next.

  3. Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

  • Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

  • Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

Use case details



Related information

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions