Certificate Template

Certificate templates allow you to create dynamic certificates to fit the authentication or encryption needs of your system.

Certificate Template Name Enter a name for your certificate template.
CA Template Name The name of the template on which this certificate is based. A fixed value.
Description A description of the purpose and features of this certificate template.

The intended purpose of the certificate.

  • Both – This certificate is used for both encryption and acceptance purposes.
  • Encryption – This certificate is used for encryption purposes only.
  • Signing – This certificate is used for signature authentication purposes only.
Key Size

The key size of the certificate.

  • 2048
  • 4096
  • 8192

The category of devices this certificate will apply to.

  • Generic Client Certificate – Use this when the other categories do not apply.
  • MQTT Client Certificate – Use this when the MQTT server is configured to require MQTT certificates.
  • HTTP Client Certificate – Use this when connecting to an HTTP server requires a certificate
  • WiFi Client Certificate – Use this when connecting to a WiFi network requires a certificate
Subject Name

The subject name. You can include Macros as part of the subject name to automatically populate with helpful identifiers. Only one identifier can be included in the name. Use Additional Subject Name to apply more.

Note: Your subject name should always begin with cn=. For example, cn=General_Template is a valid subject name, but General_Template is not.
Additional Subject Name

Optional. You can use additional subject names to provide further specificity when applying identifiers to a subject name through the certificate.

Note: Additional subject names should always begin with User Principle Name=. For example, User Principle Name=Add_Sub_Name1 is valid, but Add_Sub_Name1 is not.
Expiring Certificate Options
Three options are available for handling the expiry of certificates:
  • None: Certificate expires without autorenewal or notification.
  • Autorenew: Certificate is automatically renewed and deployed without administrator intervention. The certificate will autorenew a set amount of days before it expires, as you define in the Days Before Autorenew field. Autorenew Deploy After lets you set the clock time after which the certificate is deployed, allowing you to schedule the deployment for less busy times of the operational day.
  • Notify: Certificate is renewed automatically (but not automatically deployed) a certain amount of days before the certificate is set to expire, as you define in the Days Before Autorenew field.