Role based Access

To ensure security, the emCA application is designed such that each role has a unique set of permissions. The following are the roles and their corresponding duties.

CA Administrator:

  • Initial setup: Completes the initial setup process of the emCA application.

  • License registration: Generates a license request and uploads the license to register the emCA application.

  • User management: Creates and manages Administrator users.

  • Certificate authority (CA) management: Deletes Root CA, CA, and Sub/Issuing CA certificates and key pairs.


  • Certificate profile management: Creates and manages certificate profiles.

  • Key profile management: Creates and manages key profiles.

  • User management: Creates and manages Officer, Auditor, and Operator users.


  • CA key generation: Generates CA keys.

  • CA hierarchy management: Creates and manages the CA hierarchy.

  • Certificate revocation list (CRL)/Online Certificate Status Protocol (OCSP) service management: Creates and manages CRL/OCSP services.

  • Certificate management: Creates and manages CA, user, and OCSP certificates using certificate profiles created by the Administrator.

  • Scheduler configuration: Configures the scheduler.

  • Certificate revocation and reinstatement: Revokes and reinstates certificates as needed.

  • Key recovery: Performs complete key recovery activities.


  • Audit log management: Views and downloads audit logs.

  • Report generation: Generates various types of reports.


  • Backup and restore: Performs backup and restore operations.

Last updated