Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Adding Entities

You can add new entities to the PKI system by clicking the Add New Entity option from the main menu.

Figure : Creating a new entity

An entity can be bound to a specific CA. This means that the certification requests by this entity are directed to the selected CA. To create a CA binding for the entity, select a CA from the list. The list works as described in Section Database Search Options.

The Entity status drop-down list displays the entity's current status. An entity is normally marked as Active. In some cases, an entity's future use in the system might need to be restricted. In this case, set the entity status to Inactive.

The Entity name field is reserved for a freeform, short and hopefully descriptive name for this entity. In case of a person, the first and last name are the usual choice. In case of routers or other equipment, advisable choices are the entity's use, user group it belongs to, or perhaps its location. Exact information such as the IP address can have a separate attribute in the entity. This makes searching for them more accurate.

Entity Attributes

In addition to these fixed elements, an entity can have a selection of attributes. An attribute can be added to the entity by selecting an attribute from the Attributes list and clicking Add.

The selected attribute is added to the entity display and can be changed. Most of the attributes differ by their name and the size of text input box, but some have different content types, such as drop-down lists giving a limited selection of choices, or Boolean values represented as check boxes.

The Email address and Account Password attributes of the entity are used when entity account management is enabled in the Web Enrollment Service. See Sections Customizing the Web Enrollment Pages and Managing User Certificates for more information.

Otherwise the system does not use the attributes in any way. However, if the CA is properly configured, the attributes defined in the entity can be used when publishing a certificate, for example, as the values for LDAP attributes.

An attribute can be removed by clicking the Remove button on the right hand side of the attribute. The attribute is then removed and a refreshed page is shown.

The actual entity is not created until you finish the creation process by clicking the Create button at the bottom of the page. The Cancel button can be used to return from the entity creation process without actually adding the entity to the Database. You can also switch to some other page by using the main menu.

PreviousNextUp[Front page] [Index]


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more