Managing EST endpoints

Edit an EST endpoint

  1. Navigate to Enrollment  EST.

  2. Select the endpoint you want to edit, and click Edit.

  3. In the Edit Enrollment Endpoint dialog, click the Edit icon, and update the endpoint’s name as required.

  4. Update the Details tab based on the information provided in the following table.

    Field Description

    Profile

    The certificate profile used when enrolling certificates through the endpoint.

    Automatically approve certificate requests

    When selected, certificate requests are automatically approved without needing administrator approval in SCM. This overrides any approval requirements configured in the certificate profile.

    CAs

    When the issuer CA cannot be determined from the certificate profile, a CA must be selected to provide a CA certificate to the EST client when requested.

  5. Update the Authentication tab based on the information provided in the following table.

    Field Description

    Username/Password

    The username and password used to authenticate the EST client. The password is mandatory when certificate authentication is not in use.

    The username is optional.

    Enable Certificate Authentication

    When enabled, the EST client must present a certificate to authenticate with the EST endpoint.

    Authentication Certificate Issuer

    One or more issuer certificate(s) in .pem format to validate the EST client certificate during authentication.

    Certificate Revocation Check

    How the EST endpoint should check the EST client certificate revocation status.

    The possible values are:

    • None — No revocation check is performed.

    • Certificate Revocation List — The endpoint checks the EST client certificate against the Certificate Revocation List (CRL).

    • Online Certificate Status Protocol — The endpoint checks the EST client certificate against the Online Certificate Status Protocol (OCSP).

    • Auto — The endpoint automatically selects the best method to check revocation based on the EST client certificate.

  6. Click Save.

Delete an EST endpoint

  1. Navigate to Enrollment  EST.

  2. Select the endpoint you want to delete, and click the Delete icon.

  3. Click Delete.