The SCEP certificate types you added to Security Manager have certificate definitions. You must map certificate definition policies to these certificate definitions as described in the following procedures.

To map a certificate definition policy to the SCEP Encryption certificate type

  1. Log in to Security Manager Administration.
  2. In the tree view, expand Security Policy > Certificate Categories > Enterprise > SCEP Encryption > Encryption_p10.
  3. In the Certificate definition Policy drop-down list, select Encryption_P10 policy.
  4. Click Apply.
  5. If prompted, authorize the operation.

To map a certificate definition policy to the SCEP Signing certificate type

  1. Log in to Security Manager Administration.
  2. In the tree view, expand Security Policy > Certificate Categories > Enterprise > SCEP Signing > Verification_p10.
  3. In the Certificate definition Policy drop-down list, select Verification_p10 Policy.
  4. Click Apply.
  5. If prompted, authorize the operation.

To map a certificate definition policy to the SCEP Signing and Encryption certificate type

  1. Log in to Security Manager Administration.
  2. In the tree view, expand Security Policy > Certificate Categories > Enterprise > SCEP Signing and Encryption > Dual Usage.
  3. In the Certificate definition Policy drop-down list, select Dual Usage Policy.
  4. Click Apply.
  5. If prompted, authorize the operation.

To map a certificate definition policy to the SCEP Signing and Nonrepudation certificate type

  1. Log in to Security Manager Administration.
  2. In the tree view, expand Security Policy > Certificate Categories > Enterprise > SCEP Signing and Nonrepudiation > Nonrepudiation.
  3. In the Certificate definition Policy drop-down list, select Nonrepudiation Policy.
  4. Click Apply.
  5. If prompted, authorize the operation.