KeyLocker lead
CertCentral master administrators automatically become the KeyLocker lead. The KeyLocker lead role is usually assigned to an account lead who manages assets, users, and is able to sign with the key stored in DigiCert® KeyLocker.
Permissions
The DigiCert® KeyLocker lead role has the following permissions assigned:
Category | Permission | User can |
---|---|---|
User settings | Default | View their own user profile and generate their own API key and client authentication certificate in DigiCert ONE. |
Manage user |
| |
Account settings | Manage CertCentral API key | Delete, disable, enable, setup, update and validate a CertCentral API key. |
Certificates | View certificate | View certificate details for all certificates assigned to them. Note Users with |
Revoke certificate | Revoke certificates associated with keypairs that they are assigned to. Note Users with | |
Keypairs | View keypair | View keypair details in the account. |
Manage keypair | Update the keypair alias. | |
Signatures | Sign | Sign software with keypairs assigned to them. |