The "Get CA Capabilities" endpoint returns the following values for each enrollment capability.
CAGeneratedKey
Generate the key in the server and return the generated key in PKCS#12 form). Individual profiles within the CA can disable this capability.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | True |
CAGeneratedKeyBackup
Back up the server-generated key.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | False |
Microsoft ADCS | True |
ClientGeneratedKeyBackup
Back up the key provided by the client during the request.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | False |
Microsoft ADCS | True |
EnrollmentByCSR
Support certificate signing requests.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | True |
ExtensionInCSR
Process the extension request in the CSR.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | True |
ExtensionInRequest
Process the extension request in the enrollment request.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | False |
Microsoft ADCS | False |
KeyInRequest
In the enrollment request, the client can add a key for the enrollment.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | False |
Microsoft ADCS | False |
PKCS12Response
Return certificates and keys in PKCS#12 form.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | True |
SANInCSR
Process the Subject Alternative Names in the CSR.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | True |
SANInRequest
Process Subject Alternative Names in the enrollment request.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | False |
SubjectNameInRequest
Use Subject Name parameters of the CSR to construct the subject's DN of the supplied order.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | False |
ValidateProofOfPossesion
Validate the proof of possession.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | False |
Microsoft ADCS | False |
ValidityPeriodInRequest
Requests can supply a validity period.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | False |
Microsoft ADCS | False |
X509CertificateResponse
Return certificates in X509 form.
CA | Returned value |
|---|---|
Entrust Security Manager | True |
ECS | True |
Microsoft ADCS | True |