A certification profile is created in ADSS Web RA to configure ADSS Profiles (Certification and/or CSP) for issuing different types of certificates to ADSS Web RA users. 


In simple terms, a certification profile (for Certification Service or CSP Service) is first created in the ADSS Server. That profile is then used to create a certification profile within the ADSS Web RA Admin Portal. 


Certification profiles contain all complex configurations and business requirements (for example, CA details, key algorithm, validity period, etc.) required to issue the corresponding certificates to ADSS Web RA users.


ADSS Web RA supports the following certificate types:


  1. Signing the CSR only (the CSR is generated in another application e.g. IIS, a device etc.). The following configurations are required for this:

    • A client must be registered in ADSS Server Client Manager.
    • The client must be configured in the ADSS Web RA connector of ADSS Server. 
    • A certification profile must be created in the ADSS Certification Server.
    • A certification profile must be created in the ADSS Web RA to map the ADSS Server Certification Profile.
    • The ADSS Web RA Certification Profile must be configured in the Service Plan.


  1. Generating the key pair on client side and signing the CSR

    • A Client must be registered in ADSS Server Client Manager.
    • The Client must be configured in the ADSS Web RA connector of ADSS Server. 
    • A Certification Profile must be created in the ADSS Certification Server.
    • A Go>Sign Profile must be created in the ADSS Go>Sign Server of type Certificate Generation. 
    • A Certification Profile must be created in the ADSS Web RA to map the ADSS Server Certification Profile.
    • The Go>Sign Profile must be configured in the ADSS Web RA Certification Profile.
    • The ADSS Web RA Certification Profile must be configured in the Service Plan.


  1. Server-side key generation for remote authorized signing

    • Client must be registered in ADSS Server Client Manager.
    • The Client must be configured in the ADSS Web RA connector of ADSS Server.
    • A SAM Profile must be created in the ADSS SAM Server. 
    • A RAS Profile must be created in the ADSS RAS Server.
    • A CSP Profile should be created in the ADSS CSP Server (only needed if you want to use the CSP service. Also, a CSP profile should be created in ADSS Web RA to map the ADSS CSP Profile.)
    • A Certification Profile must be created in the ADSS Certification Server.
    • A Certification Profile must be created in the ADSS Web RA to map the ADSS Server Certification Profile.
    • The Go>Sign Profile must be configured in the ADSS Web RA Certification Profile.
    • The ADSS Web RA Certification Profile must be configured in the Service Plan.