The following describes how to create an admin user and add the user to the Super Administrator Role.

Create Admin User

To create an admin user, do the following:

  1. In the EJBCA RA Web, select Make New Request from the Enroll menu.
  2. Select Certificate Type=AdminEndEntity and CA=ManagementCA.
  3. Select the Key algorithm desired.
  4. Enter a CN, Common Name for the Administrator.
  5. Username: Enter a username, same as the CN, Common Name.
  6. Enrollment code: Enter the Enrollment Code (password) twice. This will be the same password that is used to protect the certificate bundle once downloaded.
  7. Click Download PKCS#12 and save the certificate file.

Add User as Admin

To add the user as admin, do the following:

  1. Go to the EJBCA Administration Interface on: https://<EJBCA FQDN>/ejbca/adminweb/
  2. Under System Functions, click Administrator Role.
  3. On the Super Administrator Role, click Members.

  4. Specify the following for the admin role:
    • Match with: Select X509:CN, Common name.
    • CA: Select Management CA for the CA to match on.
    • Match Operator: Specify Equal, case sens.
    • Match Value: The CN value from the created certificate created. In this case, according to the steps above, "jdoe". Note that this is a case sensitive matching.
    • Description: Enter a description, for example a full name.
  5. Click Add to add the user to the Super Administrator Role.