Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Registration Authority Settings

In SSH Tectia Certifier, an RA is in many ways similar to a CA. However, the RA creation is a bit different, since RA always enrolls its certificate from the CA, which is not running on the same installation.

Pre-requisities for RA creation are that:

  • There is an online CMP connection to the CA. If SSH Tectia Certifier is running the CA, a CMP Service needs to be running on the Certifier Server instance.
  • The CA has to have an automatic issuing policy for valid RA entities.
  • The CA administrator has issued a reference number and a key that the RA can use when performing the RA certificate enrollment. See Section Creating a Delegated RA Entity.
  • There is an External Enrollment Client Service running on the same server with the RA. This service is needed for performing the RA side of the RA-CA communication.

Creating a New Registration Authority

Editing RA Settings

Enrolling an RA Certificate


PreviousNextUp[Front page] [Index]


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now