Windows Enrolment Profile
Certification Profile for Windows Enrolment
Expand External Services > Certification Profiles from the left menu. The system will display the certification profiles listing screen.
To add a new certification profile, click the ‘+’ button on the left side of the table header. The system will display the ‘Basic Information’ screen.
Basic Information
The basic information screen will display the following fields:
|
Field |
Description |
|
Name |
Specify a unique name for this profile. |
|
Description |
Specify any description related to this certification profile. (Optional) |
|
Active |
Select this checkbox to make the profile active. |
After entering the required details, click the next ‘>’ icon to proceed to the ‘Profile Settings’ screen.
Profile Settings
|
Field |
Description |
|
ADSS Service |
This field will display the ADSS Services (i.e. Certification Service and CSP Service) that are available for ADSS Web RA. Select the ‘Certification Service’ option from the dropdown. |
|
ADSS Certification Server |
This field will display the list of active ADSS connectors in ADSS Web RA. Select the one to use for this certification service profile, for example: 192.168.2.64. |
|
ADSS Certification Service Profile |
In this field, enter the certification profile that you created on the ADSS Sever, for example: adss:certification:profile:001. |
|
Issuer Name |
It will display the issuer CA name. (This field will appear in disabled form) |
|
Certificate Purpose |
This field contains the list of standard certificate purposes, which come from ADSS based on the selected certification profile. A certificate is generated based on the provided certification profile ID, and it will be in a disabled form as it is configured in the ADSS Sever under that ADSS Certification Service Profile. Possible certificate purposes could be Document Signing, TLS Server Authentication, Code Signing etc. ADSS Web RA supports the following types of TLS certificates:
In case of external CA this field will be enabled and operator can select the certificate purpose. |
|
Certificate Enrolment |
This dropdown displays the following options:
|
|
Active Directory Profile |
From this dropdown you have to select an active directory profile that is required for Windows Enrolment. |
|
Enable Device Enrolment / Windows Device Certificate |
By enabling this setting, user will not be required to upload an authentication certificate while creating an account. |
You can view the details of the selected ADSS connector by clicking the ‘Eye’ icon next to the connector name. When you click the icon, the system will open the ‘Connector’ dialog on the screen displaying the basic information.
To view complete details of the connector, navigate to the ‘Details’ tab.
After selecting the required options in the Profile Settings section, click the next ‘>’ button to navigate to the ‘Details’ tab.
Details
Provide the required information in the ‘Details’ section and click the next ‘>’ button to proceed to the ‘Authentications’ tab.
To learn more about the available options and their functions in the ‘Details’ section, refer to the Details section in the ‘Certification Service Profile’ page.
Authentications
Enable the required options on the ‘Authentications’ screen, then click the next ‘>’ button to continue to the ‘Settings’ tab.
To learn more about the available options and their functions in the ‘Authentications’ section, refer to the Authentication section in the ‘Certification Service Profile’ page.
Settings
Make the required selections on the ‘Settings’ screen, then click ‘Create’ to finalise the certification profile.
To learn more about the available options and their functions in the ‘Settings’ section, refer to the Settings section in the ‘Certification Service Profile’ page.