Managing EST endpoints
Edit an EST endpoint
-
Navigate to .
-
Select the endpoint you want to edit, and click Edit.
-
In the Edit Enrollment Endpoint dialog, click the Edit icon, and update the endpoint’s name as required.
-
Update the Details tab based on the information provided in the following table.
Field Description Profile
The certificate profile used when enrolling certificates through the endpoint.
Automatically approve certificate requests
When selected, certificate requests are automatically approved without needing administrator approval in SCM. This overrides any approval requirements configured in the certificate profile.
CAs
When the issuer CA cannot be determined from the certificate profile, a CA must be selected to provide a CA certificate to the EST client when requested.
-
Update the Authentication tab based on the information provided in the following table.
Field Description Username/Password
The username and password used to authenticate the EST client. The password is mandatory when certificate authentication is not in use.
The username is optional.
Enable Certificate Authentication
When enabled, the EST client must present a certificate to authenticate with the EST endpoint.
Authentication Certificate Issuer
One or more issuer certificate(s) in
.pemformat to validate the EST client certificate during authentication.Certificate Revocation Check
How the EST endpoint should check the EST client certificate revocation status.
The possible values are:
-
None — No revocation check is performed.
-
Certificate Revocation List — The endpoint checks the EST client certificate against the Certificate Revocation List (CRL).
-
Online Certificate Status Protocol — The endpoint checks the EST client certificate against the Online Certificate Status Protocol (OCSP).
-
Auto — The endpoint automatically selects the best method to check revocation based on the EST client certificate.
-
-
Click Save.