See below for creating a public enrollment form.

To create a public enrollment form

1. Log in as an administrator with either: 
   • The global_admin role.
   • The <ca>_admin role for the certificate authority you will configure in the public enrollment form.
   • A  Certificate Role for the same certificate authority and certificate profile you will configure in the public enrollment form.
2. Go to Control > Public Enrollment Forms.
3. Click Create to configure the following configuration parameters.
   • Name
   • Owner
   • Description
   • Custom Fields
   • Authority
   • Profile
   • Profile Key Type
   • Override required key type
   • Select allowed key types
   • Minimum RSA Key Length
4. Click Create to expose the generated form on the Internet.
5. Click Copy on the main grid to obtain the public URL.

Name

The identifier of the public enrollment form.

Mandatory: Yes

Owner

The email address of the person responsible for the public enrollment form.

Mandatory: Yes

Description

A description of the public enrollment form.

Mandatory: No

Custom Fields

The Custom Fields whose value will be requested by the public enrollment form.

Mandatory: No

Authority

The Authority to issue the enrolled certificates. 

Mandatory: Yes

Profile

The certificate authority profile to issue the enrolled certificates. 

Mandatory: Yes

Profile Key Type

The key type specified by the Profile, if any.

Mandatory: Yes

Override required key type

Whether to override the Profile Key Type and allow different key types.

Mandatory: When requested by the selected Profile.

Select allowed key types

The key types supported by the Certificate Signing Requests.

Mandatory: When requested by the selected Profile.

Minimum RSA Key Length

The minimum bit length for the RSA-type keys.

Mandatory: When requested by the selected Profile.