Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.

The EUI component is marked for deletion in future releases of CM. Customers that use EUI are encouraged to switch to Certificate Manager (CM) REST API, as it provides the same functions.

With the Enrollment User Interface (EUI), an end user or administrator can use a web browser to request certificates.

The standard configuration supports certificates installed in web browsers or Nexus Personal Desktop Client, server certificates and soft tokens. Protocol Gateway provides additional security by the option to require the user to be a CM Officer.

Default URL to EUI

The standard configuration supports certificate requests for the following usages:

  • certificates installed in a web browser (the keygen tag or CertEnroll)
  • certificates installed in Nexus Personal (regUtilPluginObject)
  • server certificates, for example TLS server certificates, in PKCS#10 format
  • soft tokens, for example in PKCS#12 format or Java key store

For server certificates, the administrator can select either binary or text as type of response and either PKCS#7 certificates only, with optional issuer chain, or X.509 as certificate encoding.

Access to the web pages located at <url>/pgwy/request/ cannot be disabled in The HTML files are located in the request folder of the unpacked web application and are served by Tomcat.