Supervisor Role

Introduction

EJBCA Roles - Create Supervisor role

Slide Deck: EJBCA Roles

Overview: This section creates the "Supervisor" role, and creates a new group for this user. Refer to the chart for an overview of permissions this role is assigned.

Slide Reference

Reminder you can visit the Accessing Your Environment page for details on how to connect to your RA web portal

Create the Supervisor Certificate

1. Open a browser and click RA Web, from the ribbon menu across the top of page

2. Click Enroll >> Make New Request

3. In the Certificate Type drop-down list, select AdministratorEndEntityProfile

4. In the Key-pair generation selection, select By the CA

5. In the CN, Common name field, enter training_Supervisor

6. In the Username field, enter training_Supervisor

7. In the Enrollment code field, enter foo123

8. In the Confirm enrollment code field, enter foo123

9. Click Download PKCS#12

10. Save the file

11. Import the P12 into Firefox. See the previous section entitled "Refresher on importing certificates into Firefox" under "SuperAdmin Role" for the steps.

Create a Role

1. Open a browser and access your Admin Web Portal

2. Click System Functions >> Roles and Access Rules

3. Click Add

4. Enter Training Supervisor Role and click Add

Create the Access Rules

1. On Training Supervisor Role click Access Rules

2. In the Role Template list, select Supervisors

3. In the Authorized CAs list select Sub CA and ManagementCA

4. In the End Entity Profiles list, select TLSClientEndEntityProfile and TLSServerEndEntityProfile

5. Click Save

6. Click Back to Roles Management

Create the Matching Rule

1. On Training Supervisor Role click Members

2. In the Match With list, select X509: CN, Common name

3. In the CA list, select ManagementCA

4. In the Match value field, enter training_Supervisor

5. Click Add

6. Click Back to Roles Management