Skip to main content

Certificate profiles

Certificate templates and certificate profiles

A certificate template defines the underlying structure, key types, and general constraints for issued certificates. A certificate profile refines these settings by specifying details such as subject distinguished name (DN) values, certificate validity periods, and which certificate extensions are enabled or disabled.

Example of certificate profile customization

Certificate profiles allow for customization of key attributes to control how certificates are issued for specific deployments.

Tabella 1. Certificate profile customization examples

Example

Description

Default Subject DN values

Define default subject distinguished name (DN) values, such as organization (O), to ensure consistency for specific device groups.

Validity period

Set the certificate's validity period to a defined duration (e.g., 2 years), within the limits specified by the certificate template.

Key usage extension

Enable specific key usage extensions, such as digital signatures.

Certificate Signing Request

Allow users to provide a Certificate Signing Request (CSR) or use a bare public key for certificate issuance.


What’s next?

Create a certificate profile