The Certificate Purpose sub-module allows the operator to define their own certificate purposes for their required certificate template in ADSS Server. Once defined, the newly created certificate purpose will be available in the Certificate Purpose drop-down field in Certificate Template.  

The following screen shows some of the default certificate purposes:

A new purpose can be created by clicking the New button. A custom certificate purpose can be updated by selecting the purpose and clicking the Edit button. A Make a Copy button replicates the selected purpose. 


Only user-defined custom certificate purposes can be edited or deleted.


Clicking on the New button will display the following screen:



The configuration items are as follows: 

Items

Description

Purpose ID

An Operator-defined unique Purpose ID for easier human recognition within the ADSS Operator Console. Once a Purpose ID is created, it cannot be changed. 

Purpose Name

An Operator-defined unique purpose name for easier human recognition within the ADSS Operator Console.

Purpose Description

This can be used to describe the certificate purpose in more detail. This is for information purposes only.


Once created, the purpose will be available in Certificate Purpose field under Key Manager > Certificate Template > New. See the image below: 

 

Clicking on the Search button will display the following screen: 



As mentioned in the screen above, a certificate purpose can be searched based upon Purpose ID, Purpose Name and Purpose Type. The Purpose Type dropdown includes the default certificates purposes like Default Asymmetric, Default Symmetric, Default EPass EAC and Default EPass BAC as well as user-defined custom certificate purposes. The operator can search the required certificate purpose based on desired configurations. 

If "_" character is used in the search then it will act as wildcard..


 
See also 

Crypto Source

Service Keys
Key Templates
Certificate Groups
Certificate Templates
CV Certificate Template
Auto Renew Certificates
Default DName
Alerts