Adding a Venafi Zero Touch PKI certificate authority¶
Before you begin¶
You're going to need a few things to complete the CA configuration.
Zero Touch PKI account
If you don't already have an account, you'll need to set that up first. Contact your Zero Touch PKI administrator to establish an account with the proper account role that you can use to create a new Zero Touch PKI certificate authority.
To set up this CA, you'll need the following from Zero Touch PKI:
- Zero Touch PKI URL
- API Key ID
- API Key
To set up the CA¶
Set up the connection¶
- In the menu bar, click Settings > Certificate Authorities.
- Click New > Venafi Zero Touch PKI.
- Enter a Name that this CA should be called in TLS Protect Cloud.
- In the Server URL field, select the URL for the Zero Touch PKI service that your private PKI is hosted at.
Enter the API key ID and API key generated from one of the users in your Zero Touch PKI account.
This user must have the proper role with permissions to the certificate policies that will be used when creating certificate issuing templates. Contact your Zero Touch PKI administrator if you do not have a user account with the correct permissions.
Click Test Connection.
This CA is now ready to be added to one or more certificate issuing templates. To do this, select this CA when creating certificate issuing templates.