Using Symantec MPKI 8.0 Certificate Authority

This section describes how to configure PIV Personal Identity Verification (technical standard of "HSPD-12") policies with Symantec MPKI 8.0 CA certificate templates.

1. In the Action column, next to PIV_AUTHENTICATION, click Configure.

   

2. In the Friendly Name field, enter a valid, descriptive name for the certificate in use for the device policy.

3. In the Provider drop-down menu, select Symantec MPKI 8.0 Authority.

4. Depending on the selection of Provisioning Method, the fields appear differently. Perform the appropriate tasks based on your selection.

   Note: Selecting the Create Credential option is the equivalent of setting the former Recover Application option (available in previous ActivID CMS versions) to No.

   • Provisioning Method set to Create Credential

     1. If you select Create Credential for the Provisioning Method, set the Template to encryption template (key escrow) or authentication template (non-escrow) as per your requirement. The encryption template allows key escrow.

     2. Click Submit.

     

     3. In the Profile OID field, make sure the profile OID matches with the certificate profile template that you want to associate with this device policy. You can find the certificate profile OID by logging into the Symantec PKI Manager portal. For details, refer to Configuring ActivID CMS for Use with Symantec Managed PKI v8

     4. Click Submit.

     5. Click Set.

5. Click Save.

You can perform the similar steps for other device policies.