Configuring ActivID CMS for Use with Keyfactor EJBCA Certificates

This section explains how to configure ActivID CMS for use with Keyfactor EJBCA^® certificates.

Important: In ActivID CMS 6.3, only certificates with a device-generated private key are supported. Certificate escrow and recovery are not supported.

Prerequisites

You must have installed a Keyfactor EJBCA server on premises (see Installing the Keyfactor EJBCA Server).

Once the EJBCA server is configured, you must gather the following information for its configuration in ActivID CMS:

The host name of the EJBCA server
The access port of the EJBCA server, usually 443
The name of the CA as configured in the EJBCA server
The truststore file containing the CA certificates
The PKCS#12 file containing the client certificate and key, and its password

Setting Up a Keyfactor EJBCA Repository in ActivID CMS

You can add the Keyfactor EJBCA credential provider, and then create and configure device profiles. Make sure you have all the prerequisites before proceeding with your configuration.

Topics in this section: