Using the Nexus Smart ID module Digital ID, a server certificate can be issued via a signing request in PKCS#10 format and with or without approval step.
Standard workflow
|
|
Actor |
Action |
Option |
|---|---|---|---|
|
1 |
Server certificate registration officer |
In Identity Manager, selects Request P10 certificate. Uploads a certificate signing request in PKCS#10 format. Verifies the PKCS#10 attributes. |
- |
|
2 |
Identity Manager |
Checks if there are already installed certificates on the server. If there are, the old certificates are locked. |
- |
|
3 |
Server certificate approver |
Approves the certificate request. |
No approval step. |
|
4 |
Identity Manager |
Requests a certificate based on the PKCS#10 request. |
- |
|
5 |
CA |
Issues a server certificate. |
- |
|
6 |
Identity Manager |
Stores the certificate details and distributes the certificate by email or for download, depending on the server configuration in Identity Manager. |
- |
|
7 |
Downloads the certificate from Identity Manager or receives it in an email. Installs the certificate on the server. Confirms in Identity Manager that the certificate installation was successful. |
- |
|
|
8 |
Server responsibles |
Gets an email notification. |
- |
Technical reference
|
Option |
Process |
|---|---|
|
Request P10 certificate with approval
|
ScmProcIssueServerCertP10 (see image) |
|
Request P10 certificate without approval
|
ScmProcIssueServerCertP10WithoutApproval |