1 Introduction

This document provides a step-by-step guide to the installation and configuration requirements to integrate the Entrust CA (Certification Authority) with MyID^®.

Important: The support for the Entrust Administration Toolkit for C, as documented in this guide, has been superseded by MyID's integration with Entrust using the Entrust Authority Security Administration Toolkit for the Java Platform (JASTK), as documented in the Entrust JASTK CA Integration Guide. For assistance with migrating from the Entrust Administration Toolkit for C to the Entrust Authority Security Administration Toolkit for the Java Platform (JASTK), contact Intercede customer support quoting reference SUP-389.

Entrust certificates can be used in exactly the same way as any other certificate within MyID. Certificates can be issued to cards or the local system, by specifying them in a credential profile or though card updates and edits.

Issuance or recovery of certificates with elliptic-curve cryptography (ECC) keys is not supported for the Entrust certificate authority.

RSA keys are supported. Note, however, that only 1024 and 2048 bit RSA keys are supported; 3072 and 4096 bit keys are not currently supported with this CA.

Important: MyID cannot work with an Entrust CA if it has been configured to support ECC keys and related signing algorithms.