Configure EJBCA

This tutorial provides instructions on configuring the Enterprise Java Beans Certification Authority (EJBCA). This setup ensures that certificates issued by the Unifyia platform during identity issuance originate from EJBCA.

Prerequisites

  • EJBCA is already installed and all the required end entity profiles are configured.
  • You will require the following values:
    • CA Name
    • Web Service Root URL
    • CRL URL
    • OCSP URL
    • SSL Client Certificate
    • Client Certificate Password
    • SSL Server Certificate
    • End Entity Profile
    • Escrowed End-Entity Profile
    • Mobile End Entity Profile
    • AIA URL

Configuration Steps

  1. Log in to the Unifyia platform with administrator credentials.
  2. On the Dashboard page, navigate to Integrations > Certificate Authority. The Certificate Authority page appears.
  3. Select + Add Certificate Authority.
  4. Enter the following information:
    1. Provider: Select EJBCA from the drop-down list.
    2. CA Name: Enter a name for the CA.
    3. Name: Enter the display name or a common name for this CA.
    4. Description: Enter a brief description of this CA integration.
    5. Web Service Root URL: Please input the web service root URL. This is the base URL or endpoint where the CA's web services are hosted.
    6. CRL URL: Enter the CRL URL. This is the URL of the location where the Certificate Revocation List is published.
    7. OCSP URL: Enter the OCSP URL. This is the URL of the location where the CA's Online Certificate Status Protocol (OCSP) responder is available.
    8. Authentication Type: Select Client Authentication from the drop-down list. This refers to the mode of authenticating to the EJBCA UI.
    9. SSL Client Certificate: Upload the SSL client certificate from the saved location on your system. This is a certificate used to verify the identity of clients accessing the CA.
    10. Client Certificate Password: Enter the password for the client certificate.
    11. SSL Server Certificate: Upload the SSL certificate from the saved location on your system. This is a digital certificate issued by a CA to establish a secure connection with the server.
    12. End Entity Profile: Specify the profile of the end entity. It is a setup that outlines the certificate-related attributes and constraints for a particular type of end entity or certificate requester.
    13. Escrowed End-Entity Profile: Specify the profile of the escrowed end entity. This profile is a kind of setup to tackle the issue of key recovery or escrow of the user's private key.
    14. Mobile End Entity Profile: Specify the profile of the mobile end entity. This is the profile set up for the distinctive needs of mobile devices such as smartphones and tablets, within a Public Key Infrastructure (PKI) framework.
    15. AIA URL: Enter the AIA URL. This denotes the specific location (URL) where supplementary details about the CA and its certificates can be accessed.
  5. To check if the configuration is successful, select Test Configuration.
  6. After a successful test, select Save.

You have now successfully integrated EJBCA.


Back Next
On this page
Related Links
How-To-Guides