Manage Key Profiles

When creating certificates, key profiles are used to specify details such as key length, encryption algorithms, and other cryptographic parameters. emCA has options such as High-Security Module (HSM) and Public-Key Cryptography Standards #12 (PKCS12) profiles that can be applied to ensure that the generated certificates meet specific security standards and are compatible with the cryptographic infrastructure in place.

The term "Key Profiles" is defined by emCA, which can be accessed through the sub-menu Key Profiles.

When "Key Profiles" is selected, the dialog page for managing key profiles will open.

The Administrator can choose from the following actions to administer Key profiles:

You can use the "Manage Key Profile" feature to create profiles for HSM and PKCS12.

A Key profile can describe either the PKCS11 information needed to connect to an HSM or the PKCS12 information required to generate private keys into PKCS12 key stores.

Create a Key Profile for HSM

Click on + New Profile to open the Key Profile Edit Dialog.

Select Profile Type HSM for the following dialog:

Please enter a unique name for the new key profile in the "Profile Name" field.

For Configuration Type Choose

• Upload – to upload a PKCS11 configuration file.

• Text Area – to open a text area for manual creation of a PKCS11 configuration file

To upload the PKCS11 configuration file from your system, simply click on the "Choose file" button.

Insert the PKCS11 configuration and password for HSM communication.

To ensure that your credentials and configuration are correct, please click on the "Test connection" button.

If the connection is successful, you will be prompted to "authenticate" with your Administrator token. After authentication, click "Confirm" to "save" the key profile.

Similarly, the user has the ability to create a key profile for PKCS 12.