Cryptographic Security Platform 1.3 - PKI Hub 1.4.0 installation and administration [PDF][Releases]

Under the Subject Name tab, set the supported options.

Option	Supported	Value
Supply in request	Yes	Configuring this option is a potential security risk, as this option can give users the ability to specify additional subject names, enabling potential user impersonation and unauthorized access to systems. If you enable this option, only highly-trusted people must be granted access to use this template (see the Groups or usernames option in Security tab). The Subject Alternative Name RegisteredID is not supported. The Subject name types Title and Initials are not supported.
Use subject information from existing certificates for autoenrollment renewal requests	Yes
Build from Active Directory information	Yes
Subject name format	Yes	For User certificate templates, the following formats are supported: Common name. Fully distinguished name. This value is not supported when Certificate Enrollment Gateway has mapped the Windows certificate template to a Profile ID in CA Gateway. In the Certificate Enrollment Gateway `config.yml` file, you can map Windows certificate templates to Profile IDs by configuring the `certificate-templates` setting (see the Certificate Enrollment Gateway Deployment Guide). For Computer or Domain Controller certificate templates, the following formats are supported: Common name. DNS. Fully distinguished name. This value is not supported when Certificate Enrollment Gateway has mapped the Windows certificate template to a Profile ID in CA Gateway. In the Certificate Enrollment Gateway `config.yml` file, you can map Windows certificate templates to Profile IDs by configuring the `certificate-templates` setting (see the Certificate Enrollment Gateway Deployment Guide).
Include e-mail name in subject name	No
E-mail name	Yes
DNS name	Yes
User principal name (UPN)	Yes
Service principal name (SPN)	Yes