Configure the following settings for each enrollment connection with CA Gateway.
CAGW CA ID
The identifier in CA Gateway of the CA for WSTEP enrollment.
See Choose a key name for details on this CA identifier in the CA Gateway configuration.
Mandatory: Yes.
Parent DN
The parent DN (distinguished name) for certificates issued by the CEG WSTEP service. The selected value is appended to incoming Subject DNs.
CA Type | Parent DN |
|---|---|
Entrust Certificate Authority | A known searchbase defined in Entrust Certificate Authority. |
Entrust PKI as a Service | An absent parent DN, or a user-defined or custom parent DN. |
Examples:
ou=Devices, o=My Company, c=UScn=Users, ou=North America, o=My Company, c=GBMandatory: No.
CAGW Profile ID for Digital Signature
The unique ID defined in CA Gateway for the WSTEP signing certificate profile.
Mandatory: Yes.
CAGW Profile ID for Key Encipherment
The unique ID defined in CA Gateway for the WSTEP encryption certificate profile.
Mandatory: Yes.
CAGW Profile ID for Digital Signature and Key Encipherment
This unique ID defined in CA Gateway for the WSTEP signing and encryption certificate profiles.
Mandatory: Yes.
CAGW Profile ID for Digital Signature and Nonrepudiation
The unique ID defined in CA Gateway for the WSTEP signing and nonrepudiation certificate profile.
Mandatory: Yes.
Certificate Templates
The required mappings for each certificate template.
- For Value, enter the name of a Profile ID defined in CA Gateway for issuing the certificate.
- For Value, enter the name of a Profile ID defined in CA Gateway for issuing the certificate.
Note that:
For machines, the Subject name in the certificate template must be Common name or DNS name.
For users, the Subject name in the certificate template must be Common name.
Mandatory: No.