Register Agent in EZCA

Prerequisites

  1. Setup IIS

Introduction

For EZCA to validate the local domain ownership, we have to install a local agent in your network. This web service will receive all ACME request and validate the domain ownership on behalf of EZCA. In this step we will register the ACME Agent in EZCA to issue certificates for your CA.

Registering the Agent in EZCA

  1. Navigate to the EZCA portal.
  2. Navigate to Certificate Authorities. CA Menu
  3. Select the CA you want to add ACME to. CA Menu
  4. Scroll down to the ACME section of the details page ACME Agent Section
  5. Select if Health checks will be done by EZCA or done by you.

    Health Checks make sure that the authentication certificate is kept up to date. If you are not using EZCAs integrated health check, make sure you hit the endpoint “https://YOURACMEAgent/api/Health/Overall” every few minutes.

  6. Enter the subject name for the authentication certificate that will be used to authenticate with EZCA (We will create the certificate in the next page).
  7. Enter the agent friendly name (This is a name for your reference such as “ACME Agent East US”).
  8. Enter the Agent URL.

    If EZCA will perform the health checks, the Agent URL has to be a valid public facing FQDN with a valid SSL certificate.

  9. Click Register Agent ACME Agent Section
  10. Your agent should show as registered. ACME Agent Section