Managing CA templates using policies
In Trust Protection Platform, a folder is a policy. Folders let administrators define global configuration parameters for assets associated with a policy, including CA template, device, and application objects.
When an object is defined under a folder (policy), that object is then associated with the folder and is subject to that folder’s settings. Trust Protection Platform reads values for the folder’s subordinate objects. For example, if you configured the Device Host Information settings in a folder object, Trust Protection Platform would read those values for the policy’s subordinate device objects. Thus, policies can be used to standardize object configuration parameters and enforce security requirements.
Thus, policies can be used to standardize object configuration parameters and enforce security requirements.
For more detailed information on how folders work, see Using policies to manage encryption assets.
NOTE You must have write permissions on the Policy object where you want to configure the CA Template object settings.
To access the CA Template settings in the Policy object
-
From the TLS Protect menu bar, click Policy Tree.
You must have write permission on the Policy object where you want to configure the CA Template object settings.
- In the Policy tree, select CA Templates.
-
In the Settings tab, click Certificate Authorities.
The Detail View shows all of the settings that are configurable for each CA template.
- Find the CA template you want, then define the settings you want to apply to the policy's subordinate CA template objects.
-
Lock or unlock the value of each attribute.
Locked attributes cannot be modified in objects contained in that policy, including sub-folders. Unlocked attributes are suggested values. They can be accepted or overwritten in sub-folders.
By default, policy values are unlocked .
For details about CA template object settings, refer to the help topic for the specific integration you're using. For example, if you are using Amazon Amazon Certificate Manager, refer to the topic Integrating Amazon Certificate Manager with Venafi.