Under this section, add the following profile settings for each EJBCA certificate authority.
Certificate Profile
The name of the certificate profile in EJBCA.
Mandatory: Yes.
When Enable CA Profile Sync is set to true, this setting is automatically populated; however, manually configured values take precedence.
End Entity Profile
The name of the end-entity profile in EJBCA.
Mandatory: Yes.
When Enable CA Profile Sync is set to true, this setting is automatically populated; however, manually configured values take precedence.
Key Client Generated
The key generation mode.
Value | Key generation |
|---|---|
| Generate the keys on the client side with a CSR |
| Generate the keys on the server side, in a PKCS #12 |
When Enable CA Profile Sync is set to true, this setting is automatically populated; however, manually configured values take precedence.
Key Recoverable
The key recovery status.
Value | Key recovery |
|---|---|
| Server-side-generated keys can be recovered |
| Server-side-generated keys cannot be recovered |
When Enable CA Profile Sync is set to true, this setting is automatically populated; however, manually configured values take precedence.
EJBCA Requested Properties
Add the following settings under this section.
Property Name | Description | Type | Required |
|---|---|---|---|
username | The unique name of the end entity in EJBCA. | text | |
password | The password for authenticating enrollment requests in EJBCA. | password |
|
key_algs | The key algorithm for server-side key generation. The selected value must be included in the Available Key Algorithms list described in Creating an EJBCA certificate profile. | text |
|
When Enable CA Profile Sync is set to true, this setting is automatically populated; however, manually configured values take precedence.