Create a certificate type for the administrator profile CA Gateway will use to connect and perform operations with Security Manager CA.

To create a certificate type for the administrator profile

1. Export the certificate specifications from the Security Manager CA:
   1. Log in to Security Manager Administration for the Security Manager CA.
   2. Select File > Certificate Specifications > Export.
   3. Save the file to a location on the computer.
2. Open the certificate specifications file in a text editor.

3. Add the following to the [Certificate Types] section:

   ent_cagwxap_rsa1=enterprise,CAGW Admin,CA Gateway XAP Administrator

4. Add the following to the [Extension Definitions] section:

   [ent_cagwxap_rsa1 Certificate Definitions]

   1=Dual Usage; Single key dual usage key pair Certificate Type

   [ent_cagwxap_rsa1 Dual Usage Extensions]

   keyusage=2.5.29.15,c,m,BitString,101; digitalSignature(0) and keyEncipherment(2)

   ; Encodes the entAdminServicesClients policy OID (2.16.840.1.114027.10.4)

   certificatepolicies=2.5.29.32,n,o,DER,300D300B06096086480186FA6B0A04
5. Save and close the file.
6. Import the certificate specifications back into the Security Manager CA:
   1. Log in to Security Manager Administration for the Security Manager CA.
   2. Selecting File > Certificate Specifications > Import.
   3. Select the file you edited earlier.