Follow

Microsoft CA and Venafi

About

This article will detail how to set up the MSCA template object in the Policy tree as well as the CA import job in the Discovery tree.

MSCA Template object

  1. In the Policy tree select or create the policy folder in which to contain the template
  2. Create a Username/password credential object - This can be anywhere the user has permissions to in the Policy tree
  3. Right click the Policy folder in question
  4. Select Add -> CA Template -> Microsoft MSCAtemplate.PNG
  5. Fill out the data for the following fields:
    • Hostname - The FQDN that resolves to the CA service
    • Service Name - The name of the CA serviceMSCAName.PNG
    • Credential - The credential object from the Policy tree, It will have options you can select from created credentials in Venafi
  6. Click Retrieve - If this fails you cannot proceed
  7. Select the Template from the list of available templates - This is only available if Retrieve succeeds
  8. Save the object after managing the optional settings - These are dependent on the Template from the MSCA

You can now use this template to issue or renew certificates

CA Import

  1. Go to the Discovery Tree
  2. Right click the Discovery object at the top level
  3. Select Add -> CA Importmscaimport.PNG
  4. Set the following parameters
    • CA Type - Should be Microsoft CA in this case
    • Hostname or IP Address - The FQDN that resolves to the CA
    • Credentials -  The credential object from the Policy tree, It will have options you can select from created credentials in Venafi
    •  - Name of the CA serviceMSCAName.PNG
  5. Click Get Templates
  6. The Placement Rules can be configured or a default folder can be created - this is up to you
  7. For Automatically place certificates into policy when importing - Preview recommended, if this is not set any certificates found will be placed in the Policy tree
Was this article helpful?
0 out of 1 found this helpful

Comments