|[Front page] [Index]|
Click Delegated RA Entities on the main menu of the admin GUI. List of existing delegated RA entities is shown. Properties of the existing RA entities can be edited by clicking their names. New delegated RA entity can be added by clicking the Create New RA Entity button. The Create New RA Entity page opens.
A delegated RA entity should be bound to a CA within the same SSH Tectia Certifier installation. The CA can be selected in the CA binding box. If -- NO BINDING -- is selected, the RA operator can request certification from any CA. Approval is subject to the CA policy.
The entity name, shown in the administration user interface, and a freeform description can be specified in the RA Entity name and RA Entity description fields. Confirm the addition by clicking the Create button. The Cancel button can be used to cancel the operation.
Key Recovery can be Allowed for self approved certificates or Allowed for all certificates (within CA binding). The first option means that the RA can recover only those private keys that have certificates pre-approved by the same RA. The latter option means that the RA can recover all keys that have certificates approved by the same CA the RA is bound to.
A delegated RA entity can have similar attributes to the end entities. An attribute can be added to the RA entity by selecting an attribute from the Attributes list and clicking Add.
An attribute can be removed by clicking the Remove button on the right hand side of the attribute.
Click Create to create the entity. This opens the Delegated Registration Authority Entity page where the entity can be further edited.