Create Another Administrator Account

The following describes how to create an admin user and add the user to the Super Administrator Role.

Create Admin User

To create an admin user, do the following:

  1. In the EJBCA RA Web, select Make New Request from the Enroll menu.
  2. Select Certificate Type=AdminEndEntity and CA=ManagementCA.
  3. Select the Key algorithm desired.
  4. Enter a CN, Common Name for the Administrator.
  5. Username: Enter a username, same as the CN, Common Name.
  6. Enrollment code: Enter the Enrollment Code (password) twice. This will be the same password that is used to protect the certificate bundle once downloaded.
  7. Click Download PKCS#12 and save the certificate file.

Add User as Admin

To add the user as admin, do the following:

  1. Go to the EJBCA Administration Interface on: https://<EJBCA FQDN>/ejbca/adminweb/
  2. Under System Functions, click Administrator Role.
  3. On the Super Administrator Role, click Members.

  4. Specify the following for the admin role:
    • Match with: Select X509:CN, Common name.
    • CA: Select Management CA for the CA to match on.
    • Match Operator: Specify Equal, case sens.
    • Match Value: The CN value from the created certificate created. In this case, according to the steps above, "jdoe". Note that this is a case sensitive matching.
    • Description: Enter a description, for example a full name.
  5. Click Add to add the user to the Super Administrator Role.