Certificate profiles
Certificate templates and certificate profiles
A certificate template defines the underlying structure, key types, and general constraints for issued certificates. A certificate profile refines these settings by specifying details such as subject distinguished name (DN) values, certificate validity periods, and which certificate extensions are enabled or disabled.
Example of certificate profile customization
Certificate profiles allow for customization of key attributes to control how certificates are issued for specific deployments.
Example | Description |
|---|---|
Default Subject DN values | Define default subject distinguished name (DN) values, such as organization (O), to ensure consistency for specific device groups. |
Validity period | Set the certificate's validity period to a defined duration (e.g., 2 years), within the limits specified by the certificate template. |
Key usage extension | Enable specific key usage extensions, such as digital signatures. |
Certificate Signing Request | Allow users to provide a Certificate Signing Request (CSR) or use a bare public key for certificate issuance. |