Skip to content

Create an Entrust certificate authority

Entrust features a tool that helps streamline the procurement and administration of SSL certificates. Venafi has partnered with Entrust to give you the ability to quickly and easily request and renew certificates. TLS Protect Cloud supports both Pooling/Non-pooling and FLEX pricing models from Entrust.

  1. In the menu bar, click Settings > Certificate Authorities.
  2. Click New > Entrust.
  3. Type in a Name for your Entrust account.
  4. Upload an API SSL (client) certificate.


    The client certificate must have the Client Authentication EKU.

    About custom fields

    TLS Protect Cloud does not support Entrust Custom Fields. Please make sure Custom Fields are not required for API users in Entrust.

    How do I create a client certificate?
    1. Log in to the Entrust Certificate Services web console.

    2. In the top menu, navigate to Administration > Advanced Settings.

    3. Click API.

      Image of Entrust Advanced Settings screen

    4. Click the highlighted link to download the REST API for ECS Enterprise User Guide and Method Reference.

    5. Follow the steps in the Authentication section that includes instructions on how to create a public/private key pair, SSL certificate, and an API user and key.

  5. After you've uploaded the certificate, enter its Passphrase.

  6. Type your Entrust Username and provide the associated API Key.
  7. Click Validate.
  8. After successful authentication, click Add Account.

What's Next

This CA is now ready to be added to one or more certificate issuing templates. To do this, select this CA when creating certificate issuing templates.