ADSS Web RA allows additional monitoring of the certificate requests by enabling dual control from Configurations > General Settings. Once the dual control is enabled, any changes in the certificate requests, configurations and background jobs made by an Enterprise RAO, will be reviewed by the Admin RAO before reaching its final status.


An admin RAO can implement dual control on the following:


  1. Configurations 
  2. Requests
  3. Background Jobs 
  4. Certificate Authority 


Admin RAO will have the control to approve or decline a certificate request.


Enable Dual Control from Configurations 


  1. Expand Configurations > General Settings. 

Scroll to the Dual Control section at the end of the screen and select the Enable dual control check box. Then select the modules from the drop down on which you want to apply dual control.



  1. Then click Save. 


Enable Dual Control in Role for an Enterprise 


  1. Expand Access Control > Roles. 

Scroll to the role that you want to assign Dual Control, and click > Edit,



  1. Select the modules to assign Dual Control under the Allowed Modules section. 



  1. Then click Save. 


Once you have configured Dual Control in the Access Control section, certificate requests generated by an enterprise RAO will be reviewed by an Admin RAO. Admin RAO can choose to either approve or decline these requests.