KeyLocker lead
CertCentral master administrators automatically become the KeyLocker lead. The KeyLocker lead role is usually assigned to an account lead who manages assets, users, and is able to sign with the key stored in DigiCert® KeyLocker.
Permissions
The DigiCert® KeyLocker lead role has the following permissions assigned:
Category | Permission | Description |
---|---|---|
User settings | Default | User can view their own user profile and generate their own API key and client authentication certificate in DigiCert ONE. |
Manage user | User can:
| |
Account settings | Manage CertCentral API key | User can delete, disable, enable, setup, update and validate a CertCentral API key. |
Certificates | View certificate | User can view certificate details in the account. |
Revoke certificate | User can revoke certificates in the account. | |
Keypairs | View keypair | User can view keypair details in the account. |
Manage keypair | User can update the keypair alias. | |
Signatures | Sign | User can sign. |