Policy certificates

The list of certificates used in the policy is specified in the certificateData section of the .json file. The table below describes its parameters. In the SDMC administration console, the equivalent parameters are found in Certificate library.

For more information on certificates, refer to the section Managing authority certificates and recovery certificates in SDMC in the Administration guide.

| Parameter | Description | Prescribed values | SDMC |
|---|---|---|---|
| certificateData | List of certificates used in the policy. | | |
| id | Unique ID of the certificate in the policy. Used in other sections of the .json file to identify the certificate. See the example below. | Unique character string. | N/A |
| data | Value of the certificate encoded in Base64. | Character string | N/A |

Example of a list of two certificates. The first represents the certificate of the authority that issues the keys to be used for creating an automatic account.

"certificateData": [
	{
		"id": "0123456789ab-cdef-0123-4567-89abcdef",
		"data": "LS0tLS1CRUdJTiBDRVJU..."
	},
	{
		"id": "fedcba987654-3210-fedc-ba98-76543210",
		"data": "UlEWURDQ0FraWdBd0lCQ..."
	}
]

The ID of the first certificate "0123456789ab-cdef-0123-4567-89abcdef" is therefore used as the value in the parameters encryptionKeyAuthorityId and signatureKeyAuthorityId in the automatic account creation policy (accountPolicy section):

"automatic": {
  "encryptionKeyAuthorityId": "0123456789ab-cdef-0123-4567-89abcdef",
  "signatureKeyAuthorityId": "0123456789ab-cdef-0123-4567-89abcdef"
}
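
The following check is an added example, not part of the original documentation or of the product. It verifies that every certificateData entry has a unique id and Base64-decodable data, and that encryptionKeyAuthorityId and signatureKeyAuthorityId point to an id that exists in the list. The sample policy is constructed, its Base64 values are placeholders, and the nesting of "automatic" directly under "accountPolicy" is an assumption drawn from the text above.

```python
import base64
import json

# Constructed sample policy; the nesting of "automatic" under "accountPolicy"
# is an assumption based on the text, and the Base64 values are placeholders.
SAMPLE_POLICY = json.dumps({
    "certificateData": [
        {"id": "0123456789ab-cdef-0123-4567-89abcdef",
         "data": base64.b64encode(b"placeholder authority certificate").decode()},
        {"id": "fedcba987654-3210-fedc-ba98-76543210",
         "data": base64.b64encode(b"placeholder second certificate").decode()},
    ],
    "accountPolicy": {"automatic": {
        "encryptionKeyAuthorityId": "0123456789ab-cdef-0123-4567-89abcdef",
        "signatureKeyAuthorityId": "0123456789ab-cdef-0123-4567-89abcdef",
    }},
})

AUTHORITY_KEYS = ("encryptionKeyAuthorityId", "signatureKeyAuthorityId")


def check_policy_certificates(policy_text):
    """Return a list of problems found in certificateData and its references."""
    policy = json.loads(policy_text)  # raises on invalid JSON, e.g. a trailing comma
    problems = []
    seen = set()
    for index, cert in enumerate(policy.get("certificateData", [])):
        cert_id = cert.get("id")
        if not isinstance(cert_id, str) or not cert_id:
            problems.append(f"certificateData[{index}]: missing id")
        elif cert_id in seen:
            problems.append(f"certificateData[{index}]: duplicate id {cert_id}")
        else:
            seen.add(cert_id)
        try:
            # validate=True rejects characters outside the Base64 alphabet
            if not base64.b64decode(cert.get("data") or "", validate=True):
                raise ValueError("empty certificate data")
        except (ValueError, TypeError):
            problems.append(f"certificateData[{index}]: data is not valid Base64")
    automatic = policy.get("accountPolicy", {}).get("automatic", {})
    for key in AUTHORITY_KEYS:
        if key in automatic and automatic[key] not in seen:
            problems.append(f"automatic.{key}: unknown certificate id {automatic[key]}")
    return problems


if __name__ == "__main__":
    print(check_policy_certificates(SAMPLE_POLICY) or "certificate references are consistent")
```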