Recommended Settings allow you to provide guidance to your DevOps teams when they create CSRs (Certificate Signing Requests) using a particular Issuing Template. This helps eliminate guess work and saves time by providing the settings ahead of time.
For your DevOps teams, Recommended Settings are optional and can be overridden
IMPORTANT You must have a System Admin or PKI Admin role.
To add recommended settings for an issuing template
In the menu bar, click Settings > Issuing Templates.
Click New if you're creating a new issuing template.
- In the template list, click the name of the template to which you want to add recommended settings.
Click Define Recommended Settings.
Fill out each field with settings recommended for the issuing template.
- Common Name and Subject Alternative Name are regular expressions. One or more regular expressions are permitted for these fields.
- Key Type can contain only a single type.
- Key Length can contain only a single value.
Private Key Reuse can be turned off or on.
When you're done, click Save.
The Issuing Template reflects the settings you defined.