Add Certificate

Home > Configure Enterprise Settings > Manage your enterprise users > Add Certificate

Add Certificate

Business applications can use this service API to add a certificate for Enterprise Users into their Enterprise account. An enterprise Admin who has permissions to manage enterprise users in his role, can import RAS (Remote Authorization Signing) enabled certificates for signing. Furthermore, the signing certificates appears at signing time (if RAS is enabled under service plan and under intended user's role). The Role dictates things such as allowed signing capacities available to the user. Enterprise Roles are described in detail here.

Configuration - Enterprise Settings > Users > Edit User

In order to use this role, the user needs to go to the New tab (Signing Capacities) which will be shown under Enterprise Settings > Users > Edit User (currently its a single that needs to be changed). Below figure can show you the path:

Enterprise admin will have three options to Add, Update and Delete signing certificates.
In order to add the certificate (signing capacity), following the above given path and then, select the 'Users' tab and then click on :

This will open a new tab to add a new certificate while showing user information by default, the user needs to click on the "Signing Capacity" tab, to add a new certificate, as shown below:

The dialog box having the information related to Signing Capacities will appear and list will have all signing certificates either added by System or added by enterprise admin.

By clicking on the + sign, the user will be able to add new certificate. After giving a 'user-friendly' name and certificate alias to the certificate. If you want to make it your default certificate, you need to check the checkbox.

One must keep this in mind that only one capacity can be marked as default at a time.


i. If you want to save the selected Certificate as your default one, click on the checkbox to select it as default.
ii. The selected default certificate will also appear as default signing capacity on signing dialog while performing Digital Signature.

Click the Save button to proceed.

The newly added default certificate, can be seen in the Signing Certificates list, with the default status.

Three dots will be shown only for those certificates which have been created by the Enterprise, whereas, other certificates will be there for information purpose (being created by system). Enterprise Admin will not be able to change anything in system generated certificates. These will appear for edit purpose only.

i. Certificate Alias will be used as a Unique Identifier for the certificate and it should be as of provided in ADSS.
ii. The Capacity name should be unique, user-friendly (consisting letters & digits) and must not be more than 100 characters.
All the above conditions are mandatory and must be fulfilled by Enterprise Admin.

i. To execute the Signing Certificate API's, the user must have the rights to edit.
ii. Signing Certificate API cannot be executed using scope user.
iii. Activity log of actions needs to be added in table.
iv. System will generate errors if RAS is not configured in Service plan and user tries to manage certificates.