Entrust Certificate Services prerequisite configurations
Before Venafi Trust Protection Platform can interact with Entrust Certificate Services, you need to use the Entrust Certificate Services web portal to enroll an Advantage SSL certificate for use by Trust Protection Platform.
You'll then use the Advantage certificate to create the required certificate credential on the Trust Protection Platform server. Trust Protection Platform uses the certificate credential to authenticate with Entrust Certificate Services when retrieving certificates, templates, and licensing information.
To generate the key pair and CSR to enroll, and create a credential object for authentication
- Create a certificate object and enroll it using a self-signed CA template.
-
After the self-signed certificate has been enrolled, set the Management Type to Monitoring.
This ensures that the certificate is not renewed automatically because that would cause another self-signed certificate to be enrolled.
- Download the CSR.
-
Using the Entrust Certificate Services portal, enroll the CSR for an Advantage certificate.
You'll dedicate this certificate for use by Trust Protection Platform.
- After the Advantage certificate is issued, then from the Certificates menu, copy the certificate's tracking ID.
- From the Administration menu, click Advanced settings then API.
- In the Add API Key panel, click Select a certificate.
- Locate the certificate that was created and click Choose this certificate.
- In the Add API Key panel, click Generate Credentials.
- Record the user name and API key.
- Using the issued certificate, import it into the certificate object in Trust Protection Platform that you created in Step 1.
- Create a certificate credential and link the certificate object created in Step 1 to the new credential.
NOTE For information on creating a Certificate Credential object, see Working with system credentials.