To connect and perform operations with a Security Manager CA, CA Gateway requires an administrator profile that is issued by the Security Manager CA. 

To create the administrator profile

  1. Install JDK (Java Development Kit) 17 and set the JAVA_HOME environment library.
  2. Log in to trustedcare.entrust.com
  3. Go to PKI > Authority >CA Gateway.
  4. Download the Profile Creation Utility for your preferred operating system:
    • cagw-profilecreationutility-linux64-version.zip for Linux 64-bit.
    • cagw-profilecreationutility-win64-version.zip for Windows 64-bit.
  5. Extract the file contents.
  6. Run the CA Gateway Profile Creation Utility as explained in the following sections. 

Creating the administrator profile on software

As explained in this section, you can store the administrator profile in software as an Entrust Profile File (EPF).

To create the administrator profile on software

  1. Run the <VERSION> version of the CA Gateway Profile Creation Utility. 
    • cagw-profilecreationutility-<VERSION>/bin/pcu.sh for Linux.
    • cagw-profilecreationutility-<VERSION>/bin/pcu.bat for Windows.
  2. Once on the main menu, select option 2 for Create Entrust profile .
  3. Select option 1 for File on disk
  4. In Take settings from an existing entrust.ini file (y/n)? enter y for yes.
  5. In Enter full path to entrust.ini, enter the path of the local file.
  6. In Enter reference number, enter the reference number you obtained when creating a user entry for the administrator profile.
  7. In Enter authorization code, enter the authorization code you obtained when creating a user entry for the administrator profile.
  8. In Enter profile name, enter a file name for the EPF file. Do not include a file name extension because the utility automatically appends a .epf extension. If you include a .epf extension in the name, it will be added to the file twice.
  9. In Enter profile directory, enter the directory for the EPF file. The name of this file is the name previously entered in Enter profile name.
  10. In Enter profile password, enter a new password to encrypt and MAC the contents of the EPF.

Using the Profile Creation Utility to create the administrator profile on hardware

For information about creating the administrator profile on hardware, see the CA Gateway integration guide for your hardware security module (HSM).