Entrust MPKI

Prerequisites

The prerequisites for configuring Entrust MPKI CA account in AppViewX are as follows:
  • An Entrust client authentication certificate and credentials having necessary access for CLM actions.
  • AppViewX server should either have internet access or have a proxy configured in AppViewX general settings.

Configuring Entrust MPKI

  1. Go to (Menu) > SIGN+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, Select Entrust.
    The Entrust home page is displayed.
  3. Click the Entrust MPKI tab.
  4. Click the Configure Now button or +Add icon from the middle or top-right of the page respectively.
    The Entrust MPKI configuration page is displayed.
  5. Update the following details in the General Information section as described in the table:
    Table 1. General Information - Field Description Table
    Fields Description
    *CA Account name A unique name to identify the CA setting.
    Note: No special characters other than ‘.’, ‘-’,’_’ are allowed. Names should not start with special characters.
    *Purpose/Usage Certificate Type for which CLM actions will be enabled.

    For example: Server and Client
    Proxy Required Enable this field if the CA communication needs to happen via Proxy. The proxy details configured in general settings will be used for communication.
    Data Center (AppViewX's CA agent) Select the data center through which the CA communication needs to happen.
    *: Mandatory fields
  6. Update the following details in the CA Configuration section as described in the table. These fields are necessary for invoking the Entrust MPKI CA APIs for Certificate Management.
    Table 2. CA Configuration - Field Description Table
    Fields Description
    *Client Authentication Client authentication certificate for API communication.
    Note: Must be a valid <.p12> file.
    *Base URL This URL will contain just the hostname of the Entrust CA instance. Eg - https://api.entrust.net/enterprise/v2
    *: Mandatory fields
  7. Click Fetch CA and Profile Names.
    The attributes available for the CA account will be fetched from the Certificate Authority along with the CA and profile names. A pop-up message is displayed as CA and profiles fetched.
  8. Click Save.
    The created Entrust MPKI configuration settings will be added. A pop-up message is displayed as <CA_name> Settings Added.

Validating Entrust MPKI

Once the Entrust settings are added, validation needs to be done to check whether the connection between AppViewX and Entrust is properly configured.
  1. Go to (Menu) > SIGN+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, Select Entrust.
    The Entrust home page is displayed.
  3. Click Entrust MPKI from the left pane of the page.
    The Entrust MPKI home page is displayed.
  4. In the Status column of the grid with the listed accounts, click Check to validate the CA setting that has been created.
    The CA communication will be validated and the Connection Status will be shown as either Success or Failure.