In Entrust Certificate Authority, create new certificate definition policies for the certificate types added in Adding certificate types to Entrust Certificate Authority for MDMWS P12 enrollment.

These new certificate definitions will allow server-generated keys and private key backup. You will later map them in Mapping certificate definition policies to the MDMWS P12 certificate types.

Creating a Dual Usage P12 certificate definition policy

See below to create a Dual Usage P12 certificate definition policy in Entrust Certificate Authority.

To create a Dual Usage P12 certificate definition policy

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Dual Usage Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Dual Usage P12 Policy.
  5. In the Common name field, enter Dual Usage P12 Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.

Creating an Encryption P12 certificate definition policy

See below to create an Encryption P12 certificate definition policy in Entrust Certificate Authority.

To create an Encryption P12 certificate definition policy

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Encryption Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Encryption P12 Policy.
  5. In the Common name field, enter Encryption P12 Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.

Creating a Verification P12 certificate definition policy

See below to create a Verification P12 certificate definition policy in Entrust Certificate Authority.

To create a Verification P12 certificate definition policy

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Verification Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Verification P12 Policy.
  5. In the Common name field, enter Verification P12 Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.

Creating a Nonrepudation P12 certificate definition policy

See below to create a Nonrepudation P12 certificate definition policy in Entrust Certificate Authority.

To create a Nonrepudation P12 certificate definition policy

  1. Log in to Entrust Certificate Authority Administration.
  2. In the tree view, select Security Policy > User Policies > Encryption Policy.
  3. Select User Policies > Selected User Policy > Copy. The Copy User Policy dialog box appears.
  4. In the Label field, enter Nonrepudiation P12 Policy.
  5. In the Common name field, enter Nonrepudiation P12 Policy.
  6. Under Policy Attributes:
    • Select Back up private key.
    • Deselect Generate key at client.
  7. Click Apply.
  8. If prompted, authorize the operation.