Get started with registered values
Before you begin
Make sure you understand the following DigiCert IoT Trust Manager concepts and components:
Divisions Registered values can be configured so all divisions can view or modify them or only selected divisions.
Certificate profiles Certificate profiles are used by registered values for allowed value validation. Registered values calls these enrollment profiles.
Allowed values dataset A comma-separated list of allowed values used to validate certificate requests.
View registered values
Create registered values
Note
By default, all divisions can view and manage created registered values. To limit access by division, select Only divisions assigned here can view and manage this registered values, and from the dropdown select each division that should have access to the registered values.
Click Create registered values.
On the General settings tab:
Enter a Registered values nickname.
(Optional) Enter a Description.
(Optional) Under Divisions, select which divisions can view and manage the registered values.
Click Next.
On the Assign enrollment profiles tab:
Select the enrollment profiles to be associated with the registered values.
What are enrollment profiles?
Enrollment profiles are your IoT Trust Manager certificate profiles. These certificate profiles are used to identify appropriate allowed values for your registered values. I.e., the enrollment profile(s) you select must have the values you want to check against enabled and set as required in its certificate profile.
Click Next.
(Optional) On the Allowed conditions tab:
Click Add condition.
Select a Certificate field.
(Optional) Enter a Description.
Select a Match type.
Enter the Value to check against.
To add another condition, repeat the above steps.
Note
When configured, an allowed condition checks the specified certificate field against the provided match type and value. For example, an allowed condition with a Match type of Starts with configured to check the Organization name against a Value of DigiCert will only allow certificate requests where the organization name value starts with DigiCert.
Click Next.
On the Allowed values tab:
Enter a Nickname.
(Optional) Enter a Description.
(Optional) To see a dataset example, click Download template.
Upload a CSV dataset.
What are datasets?
Allowed values use datasets, which are comma-separated value (CSV) files, to identify valid certificate requests. Each column in the CSV identifies a certificate value to validate against, with the first row identifying the certificate field, and subsequent rows identifying allowed values for their respective column.
Click Create registered value container. Your registered values is created.