System information

which is linked to the Approve Certificate Profile page. This page lists information about the

certificate profile and allows an agent to approve a certificate profile or disable a

previously-approved certificate profile. An approved certificate profile can only be disabled by

the agent who originally approved it.

If the End User field of the certificate profile is marked true, then this certificate profile appears

as an enrollment form in the end entities page. If the End User field of the certificate profile is

marked false, then this certificate profile does not appear in the end entities page. This

parameter determines whether the certificate profile needs to be received from the end entities

page in order to be processed.

Each policy has a policy information section which shows a table for each policy set. A

certificate profile usually has one policy set. If the enrollment is for dual key pairs, then there are

two policy sets, one for the signing key and one for the encryption key. The policy set defines all

of the defaults and constraints that have been set for the requested certificate. For dual key

• Constraints. The constraints placed on the certificate content. The certificate content in the

To approve a certificate profile, do the following:

1. Go to the Manage Certificate Profiles page, and click on a certificate profile name.

2. Open the Approve Certificate Profile page for that certificate profile.

3. Click on the Approve button at the bottom of the page.

After a certificate profile is approved, it appears in the end entities page, which allows an end

entity to use that certificate profile to enroll for a certificate.

Once a certificate profile is enabled, administrators cannot change any aspect of the certificate

29