System information

Profile ID Profile Name Description

caDualRAuserCert RA Agent-Authenticated User

Certificate Enrollment

Used to enrol user certificates

with RA agent authentication.

caRAagentCert RA Agent-Authenticated

Agent User Certificate

Enrollment

Used to enrol RA agent user

certificates with RA agent

authentication.

caRAserverCert RA Agent-Authenticated

Server Certificate Enrollment

Used to enrol server

certificates with RA agent

authentication.

Table 3.1. List of Certificate Profiles

3.1. Example Profile

The following is a description of an example caUserCert profile, as shipped with the server. A

profile usually contains inputs, policy sets, and outputs. The default caUserCert certificate

profile contains the following:

• Profile description

This profile is for issuing user, or client, certificates.

• Profile inputs

• Key generation Specifies that the key pair generation during the request submission be

CRMF-based and 1024-bit. This is a read-only field.

• Subject name The subject name input is used when distinguished name (DN) parameters

need to be collected from the user; the user DN can be used to create the subject name in

the certificate. This input uses the following form fields:

• UID The user ID of the user in the LDAP directory.

• Email The email address of the user.

• Common name The name of the user.

• Organizational unit The organizational unit to which the user belongs.

• Organization The organization name.

• Country The country where the user is located.

• Requester This input uses the following form fields:

• Requester name The name of the certificate requester.

Example Profile