Cryptographic Security Platform 1.2 - PKI Hub 1.3 installation and administration [PDF][Releases]

See below for editing the settings of a public enrollment form.

To edit a public enrollment form

Log in as an administrator with either:
- The global_admin role.
- The <ca>_admin role for the certificate authority configured in the public enrollment form.
- A Certificate Role for the same certificate authority and certificate profile configured in the public enrollment form.
Go to Control > Public Enrollment Forms.
Go to Control > Custom fields.
In the main grid, select a custom field.
click Edit to update the following settings.

Active

Check this box for the public enrollment form to be accessible; uncheck otherwise.

Name

The identifier of the public enrollment form.

Owner

The email address of the person responsible for the public enrollment form.

The user who creates the public enrollment form is automatically made the owner. You can later edit this field and assign ownership to someone else.

Description

A description of the public enrollment form.

Custom Fields

The Custom Fields whose value will be requested by the public enrollment form.

Authority

The Authority to issue the enrolled certificates.

Profile

The certificate authority profile to issue the enrolled certificates.

Profile Key Type

The key type specified by the Profile, if any.

Override required key type

Whether to override the Profile Key Type and allow different key types. This field is only displayed to the user when:

The profile is a CSR profile for a client-side-generated key.
This field is not displayed for PKCS #12 profiles. Because the CA controls key generation, the user cannot choose the key type.
The Profile Key Type value is Unspecified.

Mandatory: When requested by the selected Profile.

Select allowed key types

The key types supported by the Certificate Signing Request. This field is only displayed to the user when:

The profile is a CSR profile for a client-side-generated key.
This field is not displayed for PKCS #12 profiles. Because the CA controls key generation, the user cannot choose the key type.
The Profile Key Type value is Unspecified, or the Override key type setting is enabled.

Mandatory: When required by the selected profile.

Minimum RSA Key Length

The minimum bit length for the RSA-type keys. This field is only displayed to the user when the profile is a CSR profile for a client-side-generated key.

This field is not displayed for PKCS #12 profiles. Because the CA controls key generation, the user cannot choose the key type.

Mandatory: When requested by the selected Profile.