Configure the following settings.

CA Gateway URL

The URL of CA Gateway. This URL:

  • Must not contain the API version – for example, it must not contain "/api/v1".
  • Must not end with a trailing slash "/".

For example:

https://cagw.example.com/cagw

Mandatory: Yes.

CAGW Keystore File (P12)

A CA Gateway keystore file. This file must be a PKCS #12 file containing a private key and client certificate for Certificate Enrollment Gateway.

Specifically, to authenticate to the built-in CA Gateway service of the Certificate Authority solution, you must:

  1. Create a user of the type described in Creating Certificate Authority tenants.
  2. Add this user as an administrator of each CA instance you want to manage, as explained in Managing Certificate Authority instances. When completing the process: 
    • Download the PKCS #12 credential file.
    • Copy the PKCS #12 password. 
  3. Select the downloaded PKCS #12 in the CAGW Keystore File (P12) field of the Certificate Enrollment Gateway configuration.
  4. Paste the PKCS #12 password in the CAGW Keystore Password field of the Certificate Enrollment Gateway configuration.

Mandatory: Yes.

CAGW Keystore Password

The password of the CAGW Keystore File.

Mandatory: Yes.

CAGW Keystore Alias

The alias of the private key entry (PrivateKeyEntry) in the CA Gateway Keystore. Run the following command to list all alias names in the <file> keystore.

keytool -v -list -keystore <file>

Mandatory: When the CA Gateway Keystore contains more than one private key.

Trusted CA Certificates File Format

The format of the file containing the CA certificate chain for the CA Gateway client credential. 

  • Select Re-use the CAGW Keystore File to re-use the CAGW Keystore File. 
    The deployment will fail if the CAGW Keystore File does not contain at least one Trusted CA Certificate entry.
  • Select P12 to import a P12 truststore file and enter the corresponding password.
  • Select PEM to import a PEM-formatted certificate file.

Mandatory: Yes.
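The following pre-deployment check is an added example, not part of the product or its documentation. It validates the CA Gateway URL rules and reads `keytool -v -list` output to tell whether CAGW Keystore Alias is needed and whether Re-use the CAGW Keystore File can work. The function names and the sample output are constructed; it assumes English-locale keytool output, that an API version segment looks like "/api/v<digit>", and that a Trusted CA Certificate entry is what keytool lists as `trustedCertEntry`.

```shell
#!/bin/sh
# Added example: hypothetical helper functions, not shipped with the product.

# Returns 0 when the URL follows the two "CA Gateway URL" rules.
# Assumption: an API version segment looks like "/api/v<digit>".
check_cagw_url() {
    case "$1" in
        */)            echo "URL ends with a trailing slash" >&2; return 1 ;;
        */api/v[0-9]*) echo "URL contains the API version" >&2; return 1 ;;
    esac
    return 0
}

# Reads `keytool -v -list` output on stdin and prints
# "<private key entries> <trusted certificate entries>".
count_entries() {
    awk '/^Entry type: PrivateKeyEntry/  { k++ }
         /^Entry type: trustedCertEntry/ { t++ }
         END { printf "%d %d\n", k, t }'
}

# Maps the two counts to the settings they force:
#   more than one private key  -> CAGW Keystore Alias is mandatory
#   no trusted cert entry      -> "Re-use the CAGW Keystore File" fails
advise() {
    keys=$1; trusted=$2
    [ "$keys" -ge 1 ] || { echo "no-private-key"; return 1; }
    if [ "$keys" -gt 1 ]; then a=alias-required; else a=alias-optional; fi
    if [ "$trusted" -ge 1 ]; then r=reuse-ok; else r=reuse-fails; fi
    echo "$a $r"
}

# Constructed sample of verbose keytool output (aliases are made up).
SAMPLE='Alias name: ceg-client
Entry type: PrivateKeyEntry
Certificate chain length: 2

Alias name: issuing-ca
Entry type: trustedCertEntry'

# Demo on the constructed sample; with a real file use:
#   keytool -v -list -keystore <file> | count_entries
advise $(printf '%s\n' "$SAMPLE" | count_entries)
```

Certificates that appear only inside the chain of a `PrivateKeyEntry` are not counted as trusted entries, so a keystore holding just the client key and its chain reports `reuse-fails`.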