DigiCert PKI Platform (Symantec Managed PKI)
- 08 Mar 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
DigiCert PKI Platform (Symantec Managed PKI)
- Updated on 08 Mar 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
DigiCert PKI Platform (formerly Symantec Managed PKI) provides a cloud-based enterprise solution for issuing and managing digital certificates to provide authentication and encryption.
Parameters
- Domain (required, default: https://pki-ws.symauth.com/pki-ws) - The Digicert PKI Platform Web Services endpoint. Use the default value.
- RA Certificate File (required) - CER file generated by Digicert PKI Platform. See the section below for details.
- Private Key File (required) - A non-encrypted (passphrase free) private key file.
- HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to Domain.
- If supplied, Axonius will utilize the proxy when connecting to the host defined for this connection.
- If not supplied, Axonius will connect directly to the host defined for this connection.
NOTE
For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
APIs
Axonius uses the PKI Web Services, which is a Web Service hosted at DigiCert that provides the capability to integrate with DigiCert PKI Platform.
Generating RA Certificate and Private Key Files
Prerequisite: OpenSSL utility.
- Run the following OpenSSL command line to generate a key file (use axonius.key for "Private Key File" field):
openssl req -new -newkey rsa:2048 -nodes -out axonius.csr -keyout axonius.key -subj "DigiCert MPKI Axonius Client"
Generate an RA Certificate as follows:
- In Digicert PKI Platform Manager, select Get RA certificate from the Tasks icon at the bottom of the screen.
- Paste the contents of axonius.csr file in to the request field. Click Submit.
- When you are prompted, download the resulting cert.p7b certificate file.
- Convert the resulting cert.p7b file into a .cer file using Digicert instructions:
openssl pkcs7 -print_certs -in certi.p7b -out cert.cer
- Use the outputted cert.cer file for “RA Certificate File” field.
Once the adapter is configured successfully, it is recommended to delete the private key file to prevent potential compromise.
Was this article helpful?