Configure Venafi TPP to use the Futurex Adaptable CA driver

this section outlines how to configure venafi tpp before requesting certificates through the {{futurex}} adaptable ca driver by describing the following tasks manage credentials create a ca template create a certificate policy manage credentials perform the following tasks to add the identity and tls client certificate that you created on the {{k3}} as credentials in venafi tpp define user credentials define tls client certificate credentials the following sections show you how to perform these tasks define user credentials to define user credentials, perform the following steps log in to venafi tpp select policy tree in the main menu in the main policy tree, select add > credential > username credential in the username credential window, add the username and password created for the venafi identity on the {{k3}} earlier in the integration process, and add any other settings needed for the environment, such as a credential expiration date select \[ save ] to save the credential repeat steps 3 5 for each additional user needed define tls client certificate credentials you can use tls client certificates to mutually authenticate with the {{k3}} , allowing only authorized operation and establishing an encrypted tunnel to prevent man in the middle eavesdropping on traffic to define tls client certificate credentials, perform the following steps log in to the venafi tpp select policy tree in the main menu in the main policy tree, select add > credential > certificate credential in the certificate credential window, enter the credential name, choose the option to import a certificate, and select the binary encoded pfx/pkcs #12 certificate that you exported from the {{k3}} earlier in this integration guide specify the corresponding private key password and begin the import process after the certificate imports, select \[ save ] to complete the process create a ca template to create ca templates, perform the following steps log in to venafi trust protection platform select policy tree in the main menu in the main policy tree, select add > ca template > adaptable in the add new adaptable window, define the following general and connection fields field required configuration ca name the desired ca name username credential the username credential you created in the define user credentials section certificate credentia l the certificate credential you created in the define tls client certificate credentials section service address the {{k}} ip address or hostname and the host api port number this must use the following format ex //\<ip address/hostname> \<host api port> for example, ex //216 177 186 25 2001 profile string the container name and name of the issuing ca certificate on the {{k}} this must use the following format \<container name>;\<issuing ca> for example, venafi adaptable ca;issuingca powershell script {{futurex}} {{k}} ca if you need custom x 509 extensions, validity periods, or {{futurex}} approval groups, define them in the custom fields section for these to be visible, you must have run the custom fields powershell script defined earlier in this guide, resulting in successful execution select validate to test the connection and authentication with the {{k3}} this can take 5 15 seconds to complete select \[ save ] to complete the process create a certificate policy to create certificate policies, perform the following steps log in to venafi tpp select policy tree in the main menu in the main policy tree, select add > policy in the add new policy window, define the policy name and other necessary settings and select \[ save ] go to the certificate tab of the new policy in the other information section, select the three dots next to the ca template field and select the ca template you created previously select \[ save ] to complete the process