About policy templates and policies¶

In Zero Touch PKI, certificate policies define the rules for issuing and managing certificates. Certificate policy templates are the blueprints you use to create consistent policies.

CyberArk creates the templates. You create policies from those templates and add them to organizations.

Example: MDM policies¶

Templates let you scale certificate policies across organizations.

Let's say you have three organizations for your business units. Each needs two MDM policies: one for device certificates and one for user certificates.

CyberArk creates two templates, MDM Computer and MDM User. The templates define the issuing service, validity period, Subject Alternative Names (SANs), expiry email addresses, and custom fields.

You then create policies in each organization from the templates. Your device and user certificate policies are standardized.

Next steps¶

To add policies, see Manage policies. To learn what a policy contains, see Reference: certificate policies.

Related links¶

• Manage policies
• Reference: certificate policies
• About organizations and roles