Create Root CA that uses the CloudHSM Crypto Token

To areate a Root CA that uses the CloudHSM Crypto Token, do the following:

  1. Go to the EJBCA Admin Web and select Certification Authorities.
  2. Under the Add CA field, enter a name for the Root CA, for example "Corporate Root CA - G1", and then click Create.
  3. Under Crypto Token select the Corporate Root CA CloudHSM Crypto Token Crypto Token. If you named the keys correctly, they should all populate automatically for the proper usages.

  4. Under Certificate Profile select Corporate Root CA Certificate Profile.
  5. Set the Validity to 25y (or the life you would like this CA to have).
  6. Clear LDAP DN order.
  7. Click Create.