What Are the Steps for Client Certificate Enrollment in Sectigo Certificate Manager (SCM)?
Overview:
This article provides a comprehensive guide for administrators on how to create enrollment forms for client certificates in Sectigo Certificate Manager (SCM), add persons, and request client certificates. It also includes best practices and troubleshooting tips to ensure smooth operations.
Prerequisites
Before you begin, ensure the following:
- Administrator access to Sectigo SCM dashboard
- Delegated domain configured in SCM
- Certificate profiles for client certificates are available
- Person's data (names, emails, departments) ready for enrollment
Step-by-Step Instructions
Part 1: Create an Enrollment Form for Client Certificates
1. Log in to SCM Dashboard and navigate to Enrollment > Enrollment Forms.
2. Click the Add (+) icon to create a new form.
3. In the Create Enrollment Form dialog:
   - Name: Provide a descriptive name (e.g., OrgName – Client Certificate).
   - Type: Select Client certificate self-enrollment.
4. On the Details tab, click Generate to create the Enrollment Endpoint URL and save it for distribution.
5. Configure authentication on the Configuration tab:
   - Select Email Confirmation or Secret ID authentication.
   - Optionally add Help Instructions and external help page links.
6. Click Save to finalize the enrollment form.
Part 2: Add an Account to the Enrollment Form
1. Navigate to Enrollment > Enrollment Forms and select your form.
2. Click Accounts and then Add (+).
3. Fill in account details:
   - Name
   - Organization
   - Department
   - Select certificate profiles and CSR generation method (usually Server).
   - Choose authorization method: Secret ID or Access Code.
4. Click Save.
Part 3: Add Persons in SCM
1. Navigate to Persons in the SCM dashboard.
2. Click Add (+) and enter details:
   - Organization, Department, Domain.
   - First Name, Last Name, Email Address.
3. On the Details tab, set Common Name (CN), Validation Type, and Secret ID.
4. Click Save. Bulk import via CSV is also supported.
Part 4: Request a Client Certificate
1. Open the Enrollment Form URL generated earlier.
2. Authenticate using Email Confirmation or Secret ID.
3. Complete the form and submit it.
4. Download the issued certificate (usually PKCS#12 format).
Best Practices
- Verify email domain matches the delegated domain.
- Use strong, unique secrets for Secret ID authentication.
- For large-scale issuance, consider Bulk SSL Enrollment (CSV-based).
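A pre-import check for the first two practices above, as an added example that is not Sectigo's code: it scans a person list for email addresses outside the delegated domain and for weak or reused secrets before the list is imported. The column names, the sample rows and the length and variety thresholds are assumptions, not SCM's CSV import format or policy.

```python
import csv
import io
from collections import Counter

MIN_SECRET_LEN = 16   # assumed local policy, not an SCM requirement
MIN_DISTINCT = 8      # assumed minimum number of distinct characters

# Constructed sample data; column names are hypothetical, not SCM's schema.
SAMPLE_CSV = """first_name,last_name,email,secret_id
Ana,Ruiz,ana.ruiz@example.com,q7V-Lm2x9RtPz4Kd
Ben,Cole,ben.cole@example.org,T3n!wXy8bQ2mZr5H
Cy,Dunn,cy.dunn@example.com,q7V-Lm2x9RtPz4Kd
Di,Eng,di.eng@sub.example.com,password
Ed,Fox,ed.fox@example.com,aaaaaaaaaaaaaaaaaaaa
"""

def email_in_domain(email, delegated):
    # Exact, case-insensitive match; subdomains are treated as a
    # different domain (assumption for this example).
    local, sep, domain = email.strip().lower().rpartition("@")
    return bool(local and sep) and domain == delegated.lower()

def check_persons(csv_text, delegated_domain):
    """Return (csv_line, email, problem) tuples; secrets are never echoed."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    seen = Counter(r["secret_id"] for r in rows)
    findings = []
    for line_no, r in enumerate(rows, start=2):  # line 1 is the header
        secret = r["secret_id"]
        if not email_in_domain(r["email"], delegated_domain):
            findings.append((line_no, r["email"], "email outside delegated domain"))
        if len(secret) < MIN_SECRET_LEN or len(set(secret)) < MIN_DISTINCT:
            findings.append((line_no, r["email"], "weak secret"))
        if seen[secret] > 1:
            findings.append((line_no, r["email"], "secret reused"))
    return findings

if __name__ == "__main__":
    for line_no, email, problem in check_persons(SAMPLE_CSV, "example.com"):
        print(f"line {line_no}: {email}: {problem}")
```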
Troubleshooting Tips
- If enrollment fails, check authentication settings and delegated domain configuration.
- Ensure persons have valid email addresses and secrets configured.
- Review SCM logs for detailed error messages.