Registering New Domain

Prerequisites

  1. (Tenant Admin) Registering the application in your tenant
  2. (PKI Admin) Selecting a Plan
  3. (PKI Admin) Created a Root CA
  4. (PKI Admin) Created a Subordinate CA

Video Version

Overview

In order to request SSL Certificates, you must register the domain you are planning to use. This enables PKI administrators to keep a record of domain ownership, while allowing domain owners to manage approved users or applications that can request certificates for that domain.

Registering a domain

  1. Go to https://portal.ezca.io/
  2. Navigate to Domains. Domains Menu
  3. Click on “Register Domain”. Domains Menu
  4. Select your Issuing CA. Registering New Domain
  5. Enter your Domain. Registering New Domain
  6. Enter the domain owners. Domain owners are users or groups that will be allowed to manage who can request certificates for this domain. Note: Owners cannot request certificates, if an owner also needs permission to request certificates the owner must be added as a requester. Registering New Domain
  7. Enter the AAD Objects (User, Groups, Service Principals, and MSIs) that will be allowed to request certificates for this domain. Registering New Domain
  8. Click the “Register Domain” button. Registering New Domain
  9. Now that the domain is registered, create your first certificate

    If domain registration approval is set in CA, This request will be sent to the approvers for them to approve. Dual key approval is enforced, meaning that if you are an approver, someone else will have to approve your requests.