For AVX Native Initialization

  1. Go to (Menu) icon > PKI+ > Settings.
    The Settings page appears.
  2. Enter the fields as described in the table.
    Table 1. Field Description for General Settings section
    Field Description
    Custodian Admins Select two custodian administrators.
    Note:
    • Only the default administrators can add custodian administrators.
    • If custodian administrators are configured, only they have the authority to add or remove custodians. However, custodian administrators cannot be designated as custodians themselves.
    • SSO users cannot be custodian administrators.
    Select Certificate Authorities Select from the dropdown list.

    Certificates issued by selected authorities will be maintained in the Managed status in the CA inventory while certificates from unselected authorities will be maintained in the Monitored status in the CA inventory.
    Note: Fields marked with red asterisk (*) symbol are mandatory.
  3. Click Save.
  4. Upload the CPS document.
    Table 2. Fields for CPS Upload section
    Field Description
    *Upload CPS A CPS (Certification Practice Statement) is a comprehensive document that defines the practices, procedures, and responsibilities of a Certificate Authority (CA) in issuing and managing digital certificates. It offers transparency into the CA's operations, detailing how certificates are requested, validated, issued, renewed, revoked, and how the CA ensures the security and integrity of these processes.

    The CPS is a critical element in PKI that establishes the trust framework governing the CA's activities. It is especially important for auditors, relying parties (those who verify certificates), and relying organizations to understand the CA’s operational procedures, security safeguards, and risk management strategies.

    CP and CPS are configurable under templates as per the customer policies. Customers can also upload their CPS document (.pdf) to PKIaaS for hosting. In this case, the CPS URL will be auto generated while template configuration. The certificate policy link present in the template will be part of the issued certificate's policy extension.
    Note: If you are using AppViewX to host, then by default the URI is generated for the template that is reflected in the certificate, so the default URI has to be retained as is. If any changes are made, then those changes will be reflected in the certificate and the CPS will not be hosted.
    Note: Field marked with red asterisk (*) symbol are mandatory.
What to do Next:
  • Enable Templates and Issue Certificate functions by going to (Menu) icon > Platform > Role. Search for the created administrator role and click the link. Switch to the Authorized functions tab and select the Templates and Issue Certificate check boxes in the PKI module.