In Entrust Certificate Authority, create new certificate definition policies for the certificate types added in Adding certificate types to Entrust Certificate Authority for EST enrollment.

These new certificate definitions will allow server-generated keys and private key backup. You will later map them in Mapping certificate definition policies to the EST certificate types.

Creating a Dual Usage P12 certificate definition policy for EST enrollment

Use the following procedure to create a Dual Usage P12 certificate definition policy in Entrust Certificate Authority.

To create a Dual Usage P12 certificate definition policy for EST enrollment

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Dual Usage Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Dual Usage EST Policy.
  5. In the Common name field, enter Dual Usage EST Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.

Creating an Encryption P12 certificate definition policy for EST enrollment

Use the following procedure to create an Encryption P12 certificate definition policy in Entrust Certificate Authority.

To create an Encryption P12 certificate definition policy for EST enrollment

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Encryption Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Encryption EST Policy.
  5. In the Common name field, enter Encryption EST Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.

Creating a Verification P12 certificate definition policy for EST enrollment

Use the following procedure to create a Verification P12 certificate definition policy in Entrust Certificate Authority.

To create a Verification P12 certificate definition policy for EST enrollment

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Verification Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Verification EST Policy.
  5. In the Common name field, enter Verification EST Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.

Creating a Nonrepudiation P12 certificate definition policy for EST enrollment

Use the following procedure to create a Nonrepudiation P12 certificate definition policy in Entrust Certificate Authority.

To create a Nonrepudiation P12 certificate definition policy for EST enrollment

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Encryption Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Nonrepudiation EST Policy.
  5. In the Common name field, enter Nonrepudiation EST Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.