As explained in com.Sectigo, you can optionally select a key store as authentication mode for the Sectigo login. See below for instructions on how to create this key store.

We recommend omitting this section and selecting a password instead when configuring the com.Sectigo settings.

Creating the enrollment form

Create an enrollment form for the client certificate.

  1. Log in to the Sectigo portal using your browser.
  2. Go to Enrollment > Enrollment Forms.
  3. Click the + icon to create a new form.
  4. In the Name field, enter a name for the enrollment form. For example:
    myOrganization - Client certificate
  5. In the Type list, select Client certificate self-enrollment.
  6. In the Configuration tab, enable Secret ID.
  7. Generate the Enrollment Endpoint URL.

Adding a person

Add a person to the Sectigo configuration.

  1. Navigate to Persons.
  2. Click the + icon.
  3. Complete the Add New Person fields. Specifically:
    • Provide a secret. 
    • Select the same email address you will later use for the administrator. 

Issuing the client certificate

Issue a client certificate to authenticate in the Sectigo API.

  1. Open the newly created enrollment form in a new browser tab.
  2. Issue a certificate using the same secret and email address configured for the newly created person.
  3. Download the PKCS #12 file.

Creating an administrator

Create a user with administrator privileges in Sectigo. 

  1. Navigate to Settings > Admins.
  2. Click the + icon.
  3. In the Add Admin Type dialog, select Standard.
  4. Complete the Add New Admin fields. Specifically:
  5. Use the same email address configured for the newly created person.
  6. In the Authentication tab, select the newly issued certificate.