Adding private CAs

SCM enables you to add private Certificate Authorities (CAs) to issue and manage private certificates.

Add a private CA

Private CA
Trial private CA
Trial Private PQC CA

In order to add a private CA, your account must contain available private CA inventory. If you want to add private CA inventory, contact your SCM account manager.

Navigate to Issuers CAs.
Select a private CA backend from the Select CA backend dropdown list.
Click the Add icon.
In the Create Private CA dialog, select Private CA.
Click Next.

Complete the Create Private CA tabs based on the information provided in the following table.

Field	Description
Friendly Name	The name of the private CA.
Parent Issuer	Indicates whether the private CA is a root CA or an issuing CA. None (Self Issued Root): When selected, the private CA is created as a root CA. Existing root CA: Selecting an existing root CA will create an issuing CA signed by the selected root CA.
Template	The template used to create the private CA. This determines the key size and lifetime of the private CA certificate.
Signature Algorithm	The algorithm used to sign the private CA certificate.
Customer Name	The name of the associated business entity. This value is used in the Organization (O) and Common Name (CN) fields in the private CA certificate.
City or Locality	The city or locality in which the business entity resides.
State or Province	The state or province in which the business entity resides.
Country	The country in which the business entity resides.
Automatically sign CA certificate immediately	When selected, the private CA certificate is automatically signed upon creation.

Field

Description

Friendly Name

The name of the private CA.

Parent Issuer

Indicates whether the private CA is a root CA or an issuing CA.

None (Self Issued Root): When selected, the private CA is created as a root CA.
Existing root CA: Selecting an existing root CA will create an issuing CA signed by the selected root CA.

Template

The template used to create the private CA. This determines the key size and lifetime of the private CA certificate.

Signature Algorithm

The algorithm used to sign the private CA certificate.

Customer Name

The name of the associated business entity. This value is used in the Organization (O) and Common Name (CN) fields in the private CA certificate.

City or Locality

The city or locality in which the business entity resides.

State or Province

The state or province in which the business entity resides.

Country

The country in which the business entity resides.

Automatically sign CA certificate immediately

When selected, the private CA certificate is automatically signed upon creation.

Click OK.

To receive notifications that a private CA is expiring, add a Private CA Expiration notification. For more information, see Adding notifications.

A limited number of trial private CAs are available for each account. For more information, contact your SCM account manager.

Navigate to Issuers CAs.
Select a private CA backend from the Select CA backend dropdown list.
Click the Add icon.
In the Create Private CA dialog, select Trial Private CA.
Click Next.

Complete the Create Private CA tabs based on the information provided in the following table.

Field	Description
Friendly Name	The name of the private CA.
Parent Issuer	Indicates whether the private CA is a root CA or an issuing CA. None (Self Issued Root): When selected, the private CA is created as a root CA. Existing root CA: Selecting an existing root CA will create an issuing CA signed by the selected root CA.
Template	The template used to create the private CA. This determines the key size and lifetime of the private CA certificate.
Signature Algorithm	The algorithm used to sign the private CA certificate.
Customer Name	The name of the associated business entity. This value is used in the Organization (O) and Common Name (CN) fields in the private CA certificate.
City or Locality	The city or locality in which the business entity resides.
State or Province	The state or province in which the business entity resides.
Country	The country in which the business entity resides.
Automatically sign CA certificate immediately	When selected, the private CA certificate is automatically signed upon creation.

Field

Description

Friendly Name

The name of the private CA.

Parent Issuer

Indicates whether the private CA is a root CA or an issuing CA.

None (Self Issued Root): When selected, the private CA is created as a root CA.
Existing root CA: Selecting an existing root CA will create an issuing CA signed by the selected root CA.

Template

The template used to create the private CA. This determines the key size and lifetime of the private CA certificate.

Signature Algorithm

The algorithm used to sign the private CA certificate.

Customer Name

The name of the associated business entity. This value is used in the Organization (O) and Common Name (CN) fields in the private CA certificate.

City or Locality

The city or locality in which the business entity resides.

State or Province

The state or province in which the business entity resides.

Country

The country in which the business entity resides.

Automatically sign CA certificate immediately

When selected, the private CA certificate is automatically signed upon creation.

Click OK.

To receive notifications that a private CA is expiring, add a Private CA Expiration notification. For more information, see Adding notifications.

Trial private PQC CAs are available only when enabled for your account and are subject to per-account limits. For more information, contact your SCM account manager.

Navigate to Issuers CAs.
Select a private CA backend from the Select CA backend dropdown list.
Click the Add icon.
In the Create Private CA dialog, select Trial Private PQC CA.
Click Next.

Complete the Create Private CA tabs based on the information provided in the following table.

Field	Description
Friendly Name	The name of the private CA.
Parent Issuer	Indicates whether the private CA is a root CA or an issuing CA. None (Self Issued Root): When selected, the private CA is created as a root CA. Existing root CA: Selecting an existing root CA will create an issuing CA signed by the selected root CA.
Template	The template used to create the private CA. This determines the key size and lifetime of the private CA certificate.
Signature Algorithm	The algorithm used to sign the private CA certificate.
Customer Name	The name of the associated business entity. This value is used in the Organization (O) and Common Name (CN) fields in the private CA certificate.
City or Locality	The city or locality in which the business entity resides.
State or Province	The state or province in which the business entity resides.
Country	The country in which the business entity resides.
Automatically sign CA certificate immediately	When selected, the private CA certificate is automatically signed upon creation.

Field

Description

Friendly Name

The name of the private CA.

Parent Issuer

Indicates whether the private CA is a root CA or an issuing CA.

None (Self Issued Root): When selected, the private CA is created as a root CA.
Existing root CA: Selecting an existing root CA will create an issuing CA signed by the selected root CA.

Template

The template used to create the private CA. This determines the key size and lifetime of the private CA certificate.

Signature Algorithm

The algorithm used to sign the private CA certificate.

Customer Name

The name of the associated business entity. This value is used in the Organization (O) and Common Name (CN) fields in the private CA certificate.

City or Locality

The city or locality in which the business entity resides.

State or Province

The state or province in which the business entity resides.

Country

The country in which the business entity resides.

Automatically sign CA certificate immediately

When selected, the private CA certificate is automatically signed upon creation.

Click OK.

To receive notifications that a private CA is expiring, add a Private CA Expiration notification. For more information, see Adding notifications.