Skip to main content

Teams

Select users, groups, or both to form a team and then map relevant resources to them. You can restrict team resources such as keypairs, releases, and enforce keypair profiles and certificate profiles.

Nota

Enable teams on your account to use this feature.

Enable Teams

You require the Manage license or Manage account settings to enable teams on your account.

  1. Sign in to DigiCert ONE.

  2. Navigate to: Manager menu (top right) >DigiCert​​®​​ Software Trust Manager > Account > Account settings.

  3. Select the edit icon.

  4. Select the checkboxes under the Teams section according to your requirements.

    Nota

    To enforce that a keypair profile must be selected for keypair generation:

    • Enable Allow team mapping for keypairs and certificate profiles under the Teams section.

    • Enable Require keypair profile to generate keypair under the Keypair section.

  5. Select Update settings.

Create a team

You require the Manage all teams permission to create a team.

  1. Sign in to DigiCert ONE.

  2. Select DigiCert​​®​​ Software Trust Manager > Account > Teams.

  3. Select Create.

Complete these fields:

Field

Description

Team name

Name to uniquely identify this team.

Users

Select users who are allowed to access this team's resources.

Groups

Select groups allowed to access this team's resources.

Approvals required

Select the number of approvals required for this team to approve:

  • Offline releases

  • Export keypairs

  • Delete keypairs

  • Revoke certificates

Keypairs

Select keypairs that this team can use.

Keypair profiles

Select keypairs profiles that this team can use.

Certificate profiles

Select certificate profiles that this team can use.

License limitations

Set a maximum number of signature and HSM units this team can use.

Expiry date

Set an expiry date for this team.

Required approvals

The teams feature allows you to select 1-3 approvals required to complete the following actions:

  • Offline releases

  • Export keypairs

  • Delete keypairs

  • Revoke certificates

Nota

  • To request one of the above actions, the team member must have the associated permission: request release window, request keypair export, request keypair delete and, or revoke certificate.

  • To approve one of the above actions, the team member must have the associated permission: approve release window, approve keypair export, approve keypair delete and, or revoke certificate.

Change required approvals

To change the required amount of approvals to complete a specific action within a team:

  1. Sign in to DigiCert ONE.

  2. Navigate to: Manager menu (top right) >DigiCert​​®​​ Software Trust Manager > Account > Teams.

  3. Click on the name of the team you want to update.

  4. Click the edit icon.

  5. Change the approval amount for the action.

Nota

You require the following permission to update the approval amount:

  • Manage all teams permission allows you to change the approval amount on any team in the account.

  • Manage my teams permission allows you to change the approval amount on any team in the account that you are a part of.

Approval procedure

When teams are enabled and a user requests to complete an action:

  1. All users on the team with the permission to approve the action receives an email with the request.

  2. The approver must click View request in the email.

  3. The approver must review the request and click Approve or Reject.

  4. Once the required amount of approvals are received, depending on the request:

    1. The certificate will be revoked.

    2. The keypair will be deleted.

    3. The offline release will be created.

    4. The requester will receive an email with a link to export the keypair.

Nota

If one user rejects the request, the entire request will be canceled. The user will have to request the action again.

En esta sección: