Nexus Documentation
Nexus Documentation
Breadcrumbs

Create certificate profile

This article describes how a Workplace system administrator creates a certificate profile in the Workplace package in Smart ID Identity Manager.

A certificate profile is a bundle of certificate information that can be used while creating an asset and later on, based on the asset information, create different certificate requests. A certificate request can also optionally be issued without an asset on the certificate profile.

The following enrollment protocols are supported:

  • P10 - an actual certificate is retrieved which is linked to the certificate profile

  • P12 - an actual certificate is retrieved which is linked to the certificate profile

  • ACME - will as a result send data to Certificate Manager

  • SCEP - will as a result send data to Certificate Manager

Prerequisites

Prerequisites

The system administrator role needs to be assigned. See Assign system administrator role for more information. 

Step-by-step instruction

Create certificate profile

  1. In Identity Manager Operator, in the Quick search drop-down list, select Workplace certificate profiles.

  2. Click Create certificate profile.

  3. Enter Profile name and select Enrollment protocol and Certificate template

  4. Click Next to proceed with the process or Cancel to close the process. 

  5. Optional: In Enrollment policy, select to enable an approval step for certificate requests and/or revocation.
    For more information, see Workplace - Approval handling

  6. Click Next.

  7. Optional: In Asset policy, select if an asset is required to enroll the certificate profile. For more information, see Create asset

  8. Click Next

  9. For the selected enrollment protocol, follow the instructions below:

P10

  1. In P10 certificate policy data, submit the following details:Key size: Select the certificate key size in the drop-down menu.Key type: Key type is always RSAAlgorithm: Select the algorithm in the drop-down menu.Country (C): Enter country code with a two-letter abbreviation, for example, SE or DE.Organization: Enter your organization name.

  2. Click Next.

  3. Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

P12

  1. In P12 certificate policy data, submit the following details:Key size: Select the certificate key size in the drop-down menu.Key type: Key type is always RSAAlgorithm: Algorithm is always SHA256Country (C): Enter country code with a two-letter abbreviation, for example, SE or DE.Organization: Enter your organization name.

  2. Click Next.

  3. Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

ACME

  • Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

SCEP / SCEP-NDES

  • Optional: In Domain policy, select whitelist and blacklist domain policies. You can also search for specific domain policies. 

Use case details

Overview and technical details


Use case description

A Workplace system administrator wants to create a certificate profile.

Outcome

  • Created certificate profile. Data is saved in AssetsDpCertificateProfile.

  • End state for the certificate profile = "active"

Symbolic name

AssetsProcCreateCertificateProfile

Process name

Create certificate profile

Component

Identity Manager Operator

Process start

Quick search>Workplace certificate profiles>Create certificate profile



Related information