.png){kind=logo}
This provides information on Certificate Profiles, Certificate Profile Fields, and defining Custom Certificate Extensions and Extended Key Usages.
For more information about managing, creating and editing certificate profiles, see Certificate Profiles Operations.
A certificate profile is a basic template used to primarily restrict the shape and form of a certificate.
To this end, the most noticeable fields in the configuration screen concern purpose, key algorithms and algorithm sizes.
One of the other primary purposes of certificate profiles is to be able to define key usage, which restricts what tasks a key pair is certified to perform.
Certificate profiles are also where Certificate Transparency is configured. For more information, see Certificate Transparency or information on the Google's Certificate Transparency project.
Certificate profiles can also be restricted to only work under a limited subset of CAs. Setting this value also limits the visibility of the profile to those users who have rights to all chosen CAs.
Certificate Profile Fields
Each certificate profile contains a large number of configurable fields controlling certificate behavior and validation rules.
For detailed field descriptions, see Certificate Profile Fields.
Certificate Transparency
Certificate Transparency (CT) is an Internet security framework for monitoring and auditing digital certificates.
For more information, see Certificate Transparency Overview or refer to Google's Certificate Transparency project.
Extended Key Usages
Extended Key Usage (EKU) settings define specific application purposes permitted for a certificate.
For more information, see Extended Key Usages.
Custom Certificate Extensions
EJBCA supports adding custom extensions through certificate profiles.
For more information, see Custom Certificate Extensions.