Create CVC CA certificate profile

The Card Verifiable Certificate (CVC) Certificate Authority (CA) profile is essential in securing credentials. It plays a critical role in establishing a strong and verifiable framework for certificates. This profile outlines the necessary steps for creating CVC certificates, emphasizing the unique characteristics required for verification.

In order to generate a CVC certificate, the user must select the CVC certificate type while setting up the CA certificate profile.

There are two types of CVC certificate profiles, each explained in the following section:

• CA Certificate Profiles

• User Certificate Profiles

Basic Information:

The visual representation below depicts the "Basic Information" segment found within the Certificate Profile Edit Dialog:

Profile Type: When you start, the system already sets the Profile Type to CA (Certificate Authority) for you.

Profile Name: Give your certificate profile a unique name in the "Profile Name" field. You can use any regular letters or numbers.

Validity Period: Specify how long you want the certificate to be valid in the "Validity" fields. Remember to account for leap days if your certificate will be valid across leap years.

Issuing CA: Choose "Self-Signed" as the only option available. This means that your certificate is validated by itself.

Signature Algorithms: Depending on your preferences, you can choose different signature algorithms for your certificate.

Users can choose the Signature Algorithms, the following options are available:

When selecting the "DSA" algorithm, the corresponding signature algorithm is "SHA1WithDSA."

For the "RSA" algorithm, signature algorithms include "SHA1WithRSA," "SHA256WithRSA," "SHA384WithRSA," and "SHA512WithRSA."

Opting for the "ECDSA" algorithm entails signature algorithms such as "SHA1WithECDA," "SHA256WithECDSA," "SHA384WithECDSA," and "SHA512WithECDSA."

Subject DN Details

The following image displays the Subject DN Details section of the Certificate Profile Edit Dialog:

The Subject Distinguished Name (Subject DN) is the unique name that is attributed to the certificate owner.

A Subject DN consists of a list of Subject DN attributes such as Common Name, Country and Serial Number which are prefixed and not editable.

Click "Proceed" to confirm saving the profile. You will be prompted to authenticate the action by using your Administrator token and pressing Authenticate.

To complete the certificate profile, please click on the 'Confirm' button.

You can create new profiles by clicking on "+New" or go back to the Certificate Profile overview by clicking on "View all".