Configure the Entrust Validation Authority client certificate in the CA Gateway settings.
Redeploy CA Gateway to make changes effective.
See the Entrust PKI Hub guide for configuring CA Gateway using the Management Console.
Alternatively, you can set the configuration using the clusterctl command-line tool.
- Export the CA Gateway initial configuration with the
clusterctl solution config exportcommand described in the Entrust PKI Hub guide. - Perform the required updates in the
application.ymlconfiguration file. - Update the solution configuration with the
clusterctl solution config importcommand described in the Entrust PKI Hub guide.
See the following sections for the required parameters.
Trust Store (trust-store)
A PKCS #12 file containing:
- The CA certificates already included in the previous Trust Store (if any).
- The certificate of the CA that issued the certificate described in Generating the CA Gateway client certificate.
When using the Management Console:
- Select the Server tab.
- click Select Files under the Trust Store field and import the file.
When using instead the application.yml configuration file, assign the path of this file to the following parameter.
server.ssl.trust-storeSubject DN (subject-dn)
The distinguished name (DN) of the certificate described in Generating the CA Gateway client certificate. When using the Management Console:
- Click the Clients tab.
- Enter the DN in the Subject DN field.
When using instead the application.yml configuration file, assign this DN to the following parameter.
server.clients.subject-dn