Role based Access

To ensure security, the emCA application is designed such that each role has a unique set of permissions. The following are the roles and their corresponding duties.

CA Administrator:

• Initial setup: Completes the initial setup process of the emCA application.

• License registration: Generates a license request and uploads the license to register the emCA application.

• User management: Creates and manages Administrator users.

• Certificate authority (CA) management: Deletes Root CA, CA, and Sub/Issuing CA certificates and key pairs.

Administrator:

• Certificate profile management: Creates and manages certificate profiles.

• Key profile management: Creates and manages key profiles.

• User management: Creates and manages Officer, Auditor, and Operator users.

Officer:

• CA key generation: Generates CA keys.

• CA hierarchy management: Creates and manages the CA hierarchy.

• Certificate revocation list (CRL)/Online Certificate Status Protocol (OCSP) service management: Creates and manages CRL/OCSP services.

• Certificate management: Creates and manages CA, user, and OCSP certificates using certificate profiles created by the Administrator.

• Scheduler configuration: Configures the scheduler.

• Certificate revocation and reinstatement: Revokes and reinstates certificates as needed.

• Key recovery: Performs complete key recovery activities.

Auditor:

• Audit log management: Views and downloads audit logs.

• Report generation: Generates various types of reports.

Operator:

• Backup and restore: Performs backup and restore operations.