Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]


When two independent CA hierarchies need to be connected or a sub-CA needs to be created, cross-certification is involved. In the case of independent PKI domains, two CAs may both issue CA certificates for each other. In the case of sub-CA creation, only one certificate is issued.

Sending Cross-Certificate Request

Click the Cross-Certification option in the System Configuration menu to open the Send Cross-Certificate Request page.

Figure : Searching for certificate requests

Type in some search criteria and click the Search button to see the list of certificate requests generated with SSH Tectia Certifier. Choose the correct certification request from the drop-down menu and click the Commit button.

A cross-certificate request can be generated by clicking the Re-issue button on the CA certificate page. This operation will create a in the database a request that can be used in cross-certification.

If CMP is used for cross-certification, External Enrollment Client Service needs to be selected in the Enroll Client Service list and the enrollment URL given in the corresponding field. In the case of CMP, a list of available remote Certifier CAs can be queried by using Refresh button. Also the reference number and key need to be filled in. These should be provided by the issuing CA operator. Click the Proceed button to initiate the CMP cross-certification.

Figure : Sending the cross-certificate request

If you want to use manual cross-certification, click the View PKCS10 Request button to view the certificate request. When performing manual cross-certification, the request needs to be copied and pasted to a file and then sent to the CA.

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now