Summary:
GeoTrust Reseller is a pluggable certificate authority driver of Venafi Encryption Director (VED). The purpose of the driver is to request VeriSign SSL reseller certificates from the GeoTrust certificate authority.
More Info:
First create the 'Certificate Authority' object, as per this article:
Creating Certificate Authority Object KB
Steps to configure the GeoTrust Reseller object:
Complete the GeoTrust Reseller object:
NOTE: Venafi suggests you use a policy to allow these settings to flow to multiple objects- see the Settings tab of the policy tab.
- General
- Description - Create a description for this object.
- Contact - User or group identities to be assigned to this object. The default notifications are sent to these contacts.
- Account Settings
- Partner Code - The code needed to connect to the GeoTrust Reseller web service. Contact GeoTrust if you don't have the Partner Code. (It is not displayed upon login, but is sent via e-mail)
- Account Credential - The username and password that is associated with your GeoTrust Reseller account.
- Validate - After entering the Partner code and Account Credential, click on the Validate button to validate the web service connection and to retrieve product names and available validity periods for each of them.
- Technical Contact
- First Name - First name of the person who will be the technical contact for this instance of the GeoTrust Reseller CA object. (The e-mail used when the certificate is requested, or revoked)
- Last Name - Last name of the same person.
- Email - Email address of the same person.
- Phone Number - Phone number of the same person.
- Title - Job title of the same person.
- Organization - The organization this person belongs to.
- Street Address - The street address of the organization this person works for.
- City - City where the organization is.
- Region - State where the organization is.
- Postal Code - Zip code where the organization is.
- Country - Country where the organization is.
- Options
- Product Name - Choose the type of certificate this object will request.
- Manual Approval - This check box is to show whether approval of certificate request is manual or automatic or not. With the GeoTrust Reseller CA, certificate approvals are always manual.
- Subject Alt Name Enabled - If the check box is enabled, your account supports Subject Alt Name (SAN). Set it to checked if this object is to be used to request certificates with SANs.
- Validity Period
- Supported Validity Periods (Years) - Lists the supported validity periods for the selected Product Name.
- Available Validity Periods (Years) - Choose the validity period(s) that this object needs to support from the list of Supported Validity Periods on the right.
After filling up all the entries, click on the 'Apply' button to save the settings.
Associating GeoTrust Reseller CA object to a Certificate object
Now either create a new certificate object or navigate to an existing certificate object. Select the ‘Settings’ tab and for ‘CA Template’ in the ‘Other Information’ section, choose the GeoTrust Reseller CA object you just created above. Select the new ‘GeoTrust Reseller’ tab that will appear on the tab panel above.
Complete the remaining certificate specific GeoTrust Reseller CA fields:
- Settings
- Validity Period – The amount of time, in years, this certificate will be issued for. This list show only the supported validity periods that were selected in the above created GeoTrust Reseller CA object.
- Server Count – The number of servers that this certificate will be placed on (number of licenses needed). ( almost always 1)
- Server Type – The type of server that the certificate is being placed on. This information can be used by the organization for reporting purposes. ( Choose Microsoft Internet Information server)
- Additional Organization Info
- Street Address – The street address of the organization that the certificate is being issued to.
- Postal Code – The zip code of the organization that the certificate is being issued to.
- Phone Number – The main phone number of the organization that the certificate is being issued to.
- Admin Contact
- First Name – The first name of the person who will be the administrative contact for this instance of the GeoTrust Reseller CA object.
- Last Name – The last name of the same person.
- Email – The email address of the same person.
- Phone Number – The phone number of the same person.
- Title – The title of the same person.
- Organization – The name of the organization of the same person.
- Street Address – The street address of the organization.
- City – The city where the organization is.
- Region – The state where the organization is.
- Postal Code – The zip code where the organization is.
- Country – The country where the organization is.
After filling up all the entries, click on the 'Apply' button to save the settings.
Comments