Enrollment profiles
When preparing for DigiCert® IoT Trust Manager device certificate operations, you'll need an enrollment profile. This profile acts as your tailored form for certificate requests. As you set it up, you'll set necessary and optional fields, default settings, and both fixed and request-specific values. You can craft different profiles for each deployment or one for various deployments.
The Enrollment Profiles in IoT Trust Manager detail how devices ask for certificate requests, their reception, and the associated protocols and authentication.
Key features
Request Methods Set how devices ask for certificates, whether via a Portal or specified APIs.
Request Type Choose between individual or grouped certificate requests based on your organization's approach.
Protocol Options Indicate allowable protocols for certificate issuance, including:
EST
SCEP
REST
Authentication Steps Specify which authentication methods devices should use during requests, such as:
Device birth certificates
EST enrollment codes
Certificate Authority Choice The Enrollment Profile lets you pick the Certificate Authority (CA) for signing.
Approval Process Set up a certificate approval mechanism to ensure only valid requests proceed.
Access Limitations Add protective measures like:
Permitted IP addresses
Allowed time periods
Specific date ranges
Coordinated Configurations The Enrollment Profile integrates:
Device Profile
Certificate Profile
Chosen CA