
EJBCA Roles - Create Custom role

Slide Deck: EJBCA Roles

Overview: This section creates the "Custom" role, and creates a new group for this user. Refer to the chart for an overview of permissions this role is assigned.

Slide Reference

Create a certificate for the role

User is granted access based on role membership

Permission matrix by role

Reminder: you can visit the Accessing Your Environment page for details on how to connect to your RA web portal.

Create the Custom Role Certificate

  1. Open a browser and click RA Web from the ribbon menu across the top of the page

  2. Click Enroll >> Make New Request

  3. In the Certificate Type drop-down list, select AdministratorEndEntityProfile

  4. In the Key-pair generation selection, select By the CA

  5. In the CN, Common name field, enter training_CustomRole

  6. In the Username field, enter training_CustomRole

  7. In the Enrollment code field, enter foo123

  8. In the Confirm enrollment code field, enter foo123

  9. Click Download PKCS#12

  10. Save the file

  11. Import the P12 into Firefox. See the previous section entitled "Refresher on importing certificates into Firefox" under "SuperAdmin Role" for the steps.

Create a Role

  1. Open a browser and access your Admin Web Portal

  2. Click System Functions >> Roles and Access Rules

  3. Click Add

  4. Enter Training Custom Role and click Add

Create the Access Rules

  1. On Training Custom Role click Access Rules

  2. Click Advanced Mode

  3. In the /administrator/ field, select Allow

  4. In the /system_functionality/edit_administrator_privileges/ field, select Allow

  5. In the /system_functionality/view_administrator_privileges/ field, select Allow

  6. In the /ca/ field, select Allow

  7. Click Save

  8. Click Summary

  9. Verify the following resources and rules are enabled:

| Resource | Rule |
| --- | --- |
| /administrator/ | Allow |
| /ca/ | Allow |
| /system_functionality/edit_administrator_privileges | Allow |
| /system_functionality/view_administrator_privileges | Allow |

  10. Click Back to Roles Management

Create the Matching Rule

  1. On Training Custom Role click Members

  2. In the Match With list, select X509: CN, Common name.

  3. In the CA list, select ManagementCA

  4. In the Match value field, enter training_CustomRole

  5. Click Add

  6. Click Back to Roles Management
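The role built above binds a certificate (issued by ManagementCA, CN training_CustomRole) to four access rules. The following added example, which is not EJBCA code or part of the original training page, is a simplified Python model of that binding. It assumes that the most specific rule on a resource path decides, that a resource with no rule is denied, and that the CN match is an exact, case-sensitive comparison; the names `ClientCert`, `Role`, `authorize` and `OtherCA` are hypothetical.

```python
# Simplified model (assumption, not EJBCA code) of "Training Custom Role".
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ClientCert:
    issuer_ca: str  # name of the CA that issued the client certificate
    cn: str         # subject Common Name


@dataclass
class Role:
    name: str
    rules: dict = field(default_factory=dict)    # resource -> "Allow" / "Deny"
    members: list = field(default_factory=list)  # (CA, match value) entries

    def matches(self, cert):
        # "X509: CN, Common name" match, scoped to one issuing CA.
        return (cert.issuer_ca, cert.cn) in self.members

    def is_allowed(self, resource):
        # Try the resource itself, then each ancestor up to "/". The nearest
        # configured rule decides; no rule anywhere on the path means deny.
        parts = [p for p in resource.split("/") if p]
        for depth in range(len(parts), -1, -1):
            path = "/" + "".join(p + "/" for p in parts[:depth])
            state = self.rules.get(path)
            if state is not None:
                return state == "Allow"
        return False


def authorize(roles, cert, resource):
    """True if any role both matches the certificate and allows the resource."""
    return any(r.matches(cert) and r.is_allowed(resource) for r in roles)


# Values taken from the steps above.
ROLE = Role(
    name="Training Custom Role",
    rules={
        "/administrator/": "Allow",
        "/system_functionality/edit_administrator_privileges/": "Allow",
        "/system_functionality/view_administrator_privileges/": "Allow",
        "/ca/": "Allow",
    },
    members=[("ManagementCA", "training_CustomRole")],
)

if __name__ == "__main__":
    admin = ClientCert("ManagementCA", "training_CustomRole")
    for res in ("/ca/ManagementCA/", "/system_functionality/", "/ra_functionality/"):
        print(res, authorize([ROLE], admin, res))
```

In this model the role is granted to whichever certificate ManagementCA issues with that CN, so control over who can enroll that name on ManagementCA is what protects the role.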
