Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]


An entity is anything that can request and receive certificates from SSH Tectia Certifier. An example of an entity could be a user requesting a certificate for e-mail usage, or a network device requesting certificates for IPSec.

Entities are used to bind a set of attributes describing the entity and a set of requests and certificates together. This makes it easier for operators to view what kind of certificates are given to users.

Entities can also contain a set of shared secrets, in the form of a secret key ID and a pre-shared key. These keys can be used to map incoming certification requests to a certain entity. Additionally, secrets can have a set of policy attributes that can alter the way they are handled in the automatic CA policy code. For example, the system can be set up so that when a certification request with a matching pre-shared key comes in, it is automatically accepted and issued with a pre-configured set of certificate extension values without operator intervention.

Using entities is not strictly necessary, as SSH Tectia Certifier can also operate on certification requests without entity mapping. Using entities is recommended if the potential end user base is large. For CMP enrollment entities have to be used.

Adding Entities

Editing Entities

Adding and Modifying Pre-Shared Keys

Adding Policy Module Attributes

Removing Entities

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now