Defining Recommended Settings for an Issuing Template

Recommended Settings allow you to provide guidance to your DevOps teams when they create CSRs (Certificate Signing Requests) using a particular Issuing Template. This helps eliminate guess work and saves time by providing the settings ahead of time.

For your DevOps teams, Recommended Settings are optional and can be overridden

IMPORTANT   You must have a System Admin or PKI Admin role.

To add recommended settings for an issuing template

  1. In the menu bar, click Settings > Issuing Templates.

  2. Click New if you're creating a new issuing template.


  3. In the template list, click the name of the template to which you want to add recommended settings.
  4. Click Define Recommended Settings.

    Fields where issuing template recommended settings are defined

  5. Fill out each field with settings recommended for the issuing template.

    • Common Name and Subject Alternative Name are regular expressions. One or more regular expressions are permitted for these fields.
    • Key Type can contain only a single type.
    • Key Length can contain only a single value.
    • Private Key Reuse can be turned off or on.

  6. When you're done, click Save.

    The Issuing Template reflects the settings you defined.

    Screenshot of recommended settings below the associated field.