CertEurope PKI

A technical account should be created.

This technical account must have permissions to enroll and revoke SSL certificates on the desired domain(s).

Only the following fields are managed: commonName and subjectAltName DNS.

For multi-valued fields (SAN DNS), if more data items are provided than configured in CCS for the given "Offer Identifier", the exceeding items will be ignored.

All limitations induced by the use of the CCS REST Connector.

Connector Name* (string input):
Choose a meaningful connector name allowing to identify the mapping between the PKI and the Certificate Profile. It must be unique and must not contain spaces.

Proxy (string select):
If the PKI is not directly reachable from Horizon, you can set up an HTTP/HTTPS proxy to properly forward the traffic.

PKI Queue (string select):
The PKI Queue used to manage the PKI Requests (enrollment, revocation).

Timeout (finite duration):
Represents a predefined interval of time without a PKI response, when the time has passed "Horizon" will cease trying to establish the communication. Must be a valid finite duration.

Endpoint URL to the CSS partner API* (string input):
URL to access the CertEurope web service API.

Technical account credentials* (select):
Select Login credentials containing your technical account created in CCS. The login is usually an email address.

CCS offer identifier* (string input):
The identifier of the offer within CCS.

Organization ID* (string input):
Customer organization ID. For French companies, it’s usually the "SIREN".

Revocation reason (string select):
Select from the drop down the default revocation reason.

Interval before retrying to retrieve certificate (finite duration):
The default value is set to 21 seconds.

Authentication Credentials* (select):
Select Certificate credentials containing the authentication certificate used to connect to the PKI.