The Digi-CA™ Certificate Enrolment API
The user will browse to a fully customized Digi-ID™ Application Form Enrolment page. They will complete the details in the web form and click the ‘submit’ button. Depending on the chosen Certificate delivery method (Process/Package), a VB script or Java applet on the webpage can then initiate the chosen Cryptographic Service Provider [CSP] engine to generate the Private Key and Certification request (PKCS#10), before submitting all data (with the exception of the Private Key if the Process Method is chosen) to the Digi-CA™ Certificate Engine core system.
You will need to decide the type and order of the attributes that will appear in the "Subject" field of your Digi-ID™ Certificate. You may have multiple attributes of the same type (e.g. multiple ‘OU’s are common). You will also need to consider what attributes are required and which of these, if any, are optional. These settings may also be overwritten by the Digi-Policy™ applied on the Digi-CA™ Certificate Engine Core system for the specific RA API. The following table is a list of the common attribute types that are currently recognized by the Digi-CA™ Certificate Engine core system:
|
|
|
|
|
|
|
|
|
|
CN |
|
1 |
64 |
|
|
|
|
SN |
|
1 |
64 |
|
|
|
|
|
|
1 |
64 |
|
|
|
|
C |
|
2 |
2 |
|
|
|
|
L |
|
1 |
|
|
|
|
|
S |
|
1 |
|
|
|
|
|
|
|
1 |
|
|
|
|
|
O |
|
1 |
64 |
|
|
|
|
OU |
|
1 |
64 |
|
|
|
|
T |
|
1 |
64 |
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
1 |
40 |
|
|
|
|
|
|
1 |
40 |
|
|
|
|
|
|
1 |
32 |
|
|
|
G |
|
1 |
64 |
|
|
|
|
I |
|
1 |
64 |
|
|
|
|
E |
|
1 |
|
|
|