Issue the client authentication certificate for CA Gateway to authenticate in the EJBCA's APIs. 

To issue the client authentication certificate

1. Log in to the EJBCA RA GUI.
2. Navigate to Enroll > Make New Request.
3. Assign the following settings to the new certificate request. 
   • Certificate Type
   • CA
   • Available Key Algorithms
   • Subject DN
4. Select the PKCS#12 certificate format.
5. Set a password for the PKCS#12 file.
6. Click Download PKCS#12. 
7. When configuring the EJBCA properties, provide the path and password of this PKCS#12 file.

Certificate Type

Select the profile described in Creating an EJBCA entity profile.

CA

Select ManagementCA.

Available Key Algorithms

Select RSA algorithms with 2048 bits or higher.

Subject DN

The Distinguished Name (DN) for the administrator – for example: