Issue server certificate in PKCS#10 format
Using the Nexus Smart ID module Digital ID, a server certificate can be issued via a signing request in PKCS#10 format and with or without approval step.
Standard workflow
| Actor | Action | Option | |
|---|---|---|---|
| 1 | Server certificate registration officer | In Identity Manager, selects Request P10 certificate. Uploads a certificate signing request in PKCS#10 format. Verifies the PKCS#10 attributes. | - |
| 2 | Identity Manager | Checks if there are already installed certificates on the server. If there are, the old certificates are locked. | - |
| 3 | Server certificate approver | Approves the certificate request. | No approval step. |
| 4 | Identity Manager | Requests a certificate based on the PKCS#10 request. | - |
| 5 | CA | Issues a server certificate. | - |
| 6 | Identity Manager | Stores the certificate details and distributes the certificate by email or for download, depending on the server configuration in Identity Manager. | - |
| 7 | Downloads the certificate from Identity Manager or receives it in an email. Installs the certificate on the server. Confirms in Identity Manager that the certificate installation was successful. | - | |
| 8 | Server responsibles | Gets an email notification. | - |
Technical reference
| Option | Process |
|---|---|
| Request P10 certificate with approval | ScmProcIssueServerCertP10 (see image) |
| Request P10 certificate without approval | ScmProcIssueServerCertP10WithoutApproval |