Configuring the Keyfactor EJBCA Certificate Authority

This section describes how to configure the ActivID CMS Operator Portal for Keyfactor EJBCA.

For detailed instructions on creating directories and CAs in ActivID CMS, refer to Procedures for Managing Directories and Procedures for Configuring Connections to Certificate Authorities.

1. Log on to the ActivID CMS Operator Portal with an ActivID CMS Administrator certificate.

2. Go to the Configuration tab, and then click Repositories.

   

3. Click Add Certificate Authority.

   

4. From the Provider drop-down list, select Keyfactor EJBCA.

5. In the Template drop-down list, leave Default EJBCA.

6. Click Submit.

   

7. Enter a Name for the Certificate Authority.

8. Enter the Host Name of the EJBCA Server.

   Note: The host name is the Fully Qualified Domain Name (FQDN), i.e., the full server name of the on-premises EJBCA server.

9. Enter a Port of the EJBCA Server or leave the default value.

10. Enter the EJBCA CA Name (see Creating the CA in EJBCA for details on this value).

11. Enter the Truststore file containing the CA certificates (see Creating the CA in EJBCA for details on this value).

12. Enter the PKCS#12 file containing the client certificate and key and the Password for the PKCS#12 file containing the client certificate and key (see Enrolling the CMS Agent on the EJBCA Server for details on these values).

13. Set the desired revocation reasons for the different card states.

14. Click Test to verify the CA configuration.

15. Click Create to apply your changes.