Certificate Templates

Stream uses the notion of Certificate Templates to add additional verifications when enrolling a certificate.

To define a new certificate template:

1. Log in to the Stream Administration Interface.

2. Go to OpenSSH > Templates and click add_external_ca .

3. In the General tab, you can set the template’s name, the type of SSH certificates it will generate and turn the template on or off. In the Duration part of the tab, you can edit the lifetime of the certificates that will enroll on this template, as well as backdate them should you need to. In the OpenSSH part of the tab, you can edit the authorized key types as well as the principals required on OpenSSH certificates.

4. Once you’ve configured your template, you can click Save at the top of the page.