To configure the GlobalSign HVCI (High Volume Certificate Issuance) CA as an external CA select the GlobalSign HVCI option from the CA Type drop down. The following page will be shown to configure the GlobalSign HVCI CA:

The items in the above screen are described below:

Items

Description

CA  Alias

An operator-defined unique name for easy management of certificate authorities within ADSS Server. This is only for human identification purposes.

CA Type

ADSS Server can be configured to get the certificates issued from the GlobalSign HVCI CA. The requests that are received at certification service are forwarded to GlobalSign HVCI for certificate issuance. The supported request types are:

  • CREATE
  • RENEW
  • REVOKE
  • DELETE

CA Certificate

All the CA certificates configured in Trust Manager with the purpose CA (will be used to verify other certificates and CRLs) will be available here for configurations.
Select the required GlobalSign HVCI Issuing CA, which will be used to issue the target certificates. 

Note: It is required to register the complete certificate chain of the GlobalSign HVCI CA in Trust Manager

CA Address

Specify the URL from where this CA could listen the certificate request messages.

TLS Client Certificate

It is required for communication with this GlobalSign HVCI CA over the TLS Client Authentication. Select a TLS Client Authentication Certificate which pre-exists in the  Key Manager

Note: It is required to register the Issuer CA of the TLS Client Authentication certificate in Trust Manager with the purpose CA for verifying TLS client certificates

Client ID

Specify the unique ID for API client, as provided by GlobalSign.

Client Secret

Specify the valid client secret for the above provided Client ID.

Validity Period

Specify the validation period in months or years for the certificate to be created or renewed.


See also

ADSS CA Server

Microsoft CA
Symantec MPKI
GlobalSign EPKI
EJBCA
QuoVadis CA
Entrust CA
Offline External CA
DigiCert PKI
SPOC Server