Entrust PKI as a Service provides the following digital signature and key encipherment profiles for ACMEv2 enrollment.
Profile | Usages |
|---|---|
privatessl-tls-client-server | Digital signature and key encipherment with the 1.3.6.1.5.5.7.3.1 extended key usage extension for TLS server authentication and 1.3.6.1.5.5.7.3.2 for TLS client authentication. |
privatessl-tls-server | Digital signature and key encipherment with the 1.3.6.1.5.5.7.3.1 extended key usage extension for TLS server authentication. |
privatessl-tls-client | Digital signature and key encipherment with the 1.3.6.1.5.5.7.3.2 extended key usage extension for TLS client authentication. |
Unless specified in an ACMEv2 request, each of these profiles has a 3-year duration. These ACMEv2 certificate profiles support the following extensions in the certificate requests.
Certificate request extension | OID |
|---|---|
CertificatePolicies | 2.5.29.32 |
ApplicationPolicies | 1.3.6.1.4.1.311.21.10 |