DigiCert PKI
To configure the DigiCert PKI v8.0 CA as an external CA, select the DigiCert PKI option from the CA Type drop down. The following page will be shown to configure the DigiCert PKI:
The items in the above screen are described below:
Item | Description |
CA Alias |
An operator-defined unique name for easy management of certificate authorities within ADSS Server. This is only for human identification purposes. |
CA Type |
ADSS Server can be configured to get the certificates issued from the DigiCert PKI. The requests that are received at certification service are forwarded to DigiCert PKI for certificate issuance. The supported request types are:
|
CA Certificate |
All the CA certificates configured in Trust Manager with the purpose CA (will be used to verify other certificates and CRLs) will be available here for configurations. Select the required DigiCert PKI issuing CA, which will be used to issue the target certificates.
Note: It is required to register the complete certificate chain of the DigiCert PKI CA in Trust Manager. |
CA Address |
Specify the URL from where this CA could listen the certificate request messages. |
API Key |
The API Key is generated by the operator on the DigiCert PKI Admin portal. Specify the generated API Key in the mentioned field which would be used by ADSS Server to create, renew and revoke the certificates from DigiCert PKI CA. |
Profile | Specify the Profile configured at DigiCert PKI Admin Portal by selecting it from drop-down. The operator can get list of all the profiles configured at DigiCert PKI Admin Portal in the drop-down menu by clicking at Get Profiles button. These Profiles would contains all the content for the certificate to be generated. Note: API Key is required for getting the profiles. |
Known Limitations of DigiCert PKI
Here are the known limitations of DigiCert PKI that the operator must consider:
See also