• doc.primekey.com
  • doc.primekey.com
  • Topics
    • EJBCA Introduction
      • EJBCA Concepts
      • EJBCA Architecture
        • External OCSP Responders
        • Internal Architecture
      • Interoperability and Certifications
        • Common Criteria
    • EJBCA Installation
      • Installation Prerequisites
      • Managing EJBCA Configurations
      • Creating the Database
      • Application Servers
        • WildFly 10 / JBoss EAP 7.0
        • WildFly 12 / JBoss EAP 7.1
        • WildFly 14 / JBoss EAP 7.2
      • Deploying EJBCA
      • Installing EJBCA
        • Install EJBCA as a CA without a Management CA
        • Installing EJBCA as a CA with a Management CA
        • Installing EJBCA as an RA or VA
          • Synchronizing the VA Database
          • Connecting an RA to a CA over Peers
      • Finalizing the Installation
      • High Availability (HA), a.k.a Clustering
      • Maximizing Performance
      • EJBCA Security
      • Deployment Reference
      • Upgrading EJBCA
      • EJBCA Software Appliance
    • EJBCA Operations
      • EJBCA CA Concept Guide
        • Certificate Authority Overview
          • CA Fields
          • ePassport PKI
          • ECDSA Keys and Signatures
          • CVC CA
            • Creating CVCAs and DVs
            • CVC Sequence
            • EAC Roles and Access Rights
            • Document Verifiers (DV)
            • Creating Authenticated Requests and Link Certificates
            • Inspection Systems
            • Web Service API
            • Command Line Client
            • Importing CAs
            • Using HSMs
            • PEM Requests
            • SPOC PKI
          • Partitioned CRLs
        • Crypto Tokens Overview
        • End Entities Overview
          • Certificate Statuses
          • End Entity Profiles Overview
            • E-mail Notifications
            • Self Registration
            • End Entity Profiles Fields
          • Printing of User Data
          • Subject Distinguished Names
            • Custom Subject DN and altName OIDs
        • Publishers Overview
          • Active Directory Publisher
          • Custom Publishers
            • Certificate Sampler Custom Publisher
            • Cert Safe Publisher for an HTTPS Server
            • Customer Specific Publisher for a PKD-like Catalog
          • LDAP Publisher/LDAP Search Publisher
          • Multi Group Publisher
          • SCP Publisher
          • Validation Authority Peer Publisher
          • Validation Authority Publisher (Legacy)
          • AWS S3 Publisher
        • Validators Overview
          • Key Validators
          • Certificate Field Validators
          • Post Processing Validators
        • Certificate Profiles Overview
          • Certificate Profile Fields
          • Certificate Transparency Overview
          • Custom Certificate Extensions
          • Extended Key Usages
        • Approval Profiles
          • Accumulative Approval Profiles
          • Partitioned Approval Profiles
        • Services
          • Certificate and CRL Reader Service
          • Certificate Expiration Check Service
          • CRL Download and CRL Update Service
          • CRL Updater Service
          • HSM Keepalive Service
          • Publisher Queue Process Service
          • Remote Internal Key Binding Updater
          • Renew CA Service
          • User Password Expire Service
        • Peer Systems
        • Internal Key Bindings Overview
          • OcspKeyBinding
          • AuthenticationKeyBinding
        • Roles and Access Rules
          • Access Rules
          • Predefined Role Templates
        • Protocols
          • ACME
          • Certificate Store Access via HTTP
          • EJBCA REST Interface
          • CMP
          • EST
          • OCSP
            • OCSP Response Extensions
              • Archive Cutoff
              • CertificateHash
              • Unid FNR
          • SCEP
          • Web Service Interface
        • Logging
          • Audit Log Overview
            • Integrity Protected Security Audit Log
            • Security Audit Events
        • Character Limitations
        • User Data Sources
      • EJBCA RA Concept Guide
        • EJBCA RA Administration
        • Custom RA Stylesheets
        • External RA using Database Polling
      • EJBCA Operations Guide
        • CA Operations Guide
          • Approving Actions
          • CA Web Overview
          • Configure EJBCA for Public Access
          • CRL Generation
          • EJBCA Configuration Checker
            • Configuration Issues
          • EJBCA Maintenance
            • Backup and Restore
            • Clearing System Caches
            • Monitoring and Healthcheck
            • Web UI Sessions
          • End Entities
            • Create Server Certificates
            • Issue a new PKCS#12 keystore for an SSL server
            • Issue a New Server Certificate from a CSR
            • Create User Certificates
            • Certificate Renewal
            • Request Browser Certificate Renewal
            • Renaming and Editing Users
            • SSL Certificate Expiration
          • End Entity Profile Operations
            • Create an End Entity Profile for SSL Servers
          • Exporting and Importing Profiles
          • Importing Certificates
          • Key Recovery
          • Managing CAs
            • CA Rollover
            • Converting an OpenSSL CA
            • Creating a SubCA Signed by an External CA
            • Creating CA's
            • Renewing a SubCA Signed by an External CA
            • Requesting a Cross or Bridge certificate
            • Signing an External CA
            • Signing a Rollover Certificate
          • Managing Certificate Profiles
            • Create a Certificate Profile for SSL Servers
            • Import/Export Certificate Profiles
            • Certificate Transparency
          • Managing Crypto Tokens
            • CP5 Crypto Token
          • Managing Internal Keybindings
          • Modular Protocol Configuration
          • OCSP Management
            • Setting up a Responder Using the CLI
          • Peer Systems Operations
          • Roles and Access Rules Operations
            • Managing Role Namespaces
        • RA Operations Guide
          • Certificate and End Entity Life Cycle Management
          • Creating Certificates on the RA
          • Managing Requests in the RA UI
          • Managing Roles and Access Rules from the RA
        • Command Line Interfaces
          • EJBCA Client Toolbox
          • EJBCA Validation/Conformance Tool
            • Validation Tool Configuration
            • Validation Tool Features
          • P11NG-CLI
        • EJBCA Batch Enrollment GUI
        • ConfigDump Tool
    • EJBCA Integration
      • Integrating with Third-Party Applications
        • Access EJBCA using USB Tokens and Smart Cards
          • Using YubiKeys with EJBCA
        • Native Certificate Autoenrollment for Windows
          • Autoenrollment Requirements
          • Part 1: EJBCA Administration
          • Part 2: Microsoft Certification Authority and Group Policies
          • Part 3: Configuring the Microsoft Autoenrollment Servlet
          • Part 4: Duplicate Certificate Fix
          • Appendix
        • Microsoft Intune Device Certificate Enrollment
          • Certificate Enrollment Requirements
          • Configure EJBCA Server
          • Configure Intune
          • Configure Intune EJBCA Connector Server
          • Enroll Windows 10 Devices to Intune
        • Script based Autoenrollment for Windows clients with EJBCA
        • Integrating EJBCA with Graylog
        • Versasec Card Management System Integration
        • Ciphermail Email Gateway and EJBCA Integration
        • Microsoft Smart Card Logon
        • EJBCA and Cisco ISE
        • EJBCA and Cisco IOS
        • OpenSSH and X509 Authentication
        • Configure EJBCA with OpenSSO
        • Setting up an Apache Web Server as a Proxy
        • Setting up an Apache Web Server with mod_jk
        • Setting up a HA Proxy in front of EJBCA
        • EJBCA with GemSAFE Toolbox
        • SensorNet PKI
        • Issuing Certificates to Kubernetes Services using cert-manager
      • Hardware Security Modules (HSM)
        • Generic PKCS#11 Provider
        • AEP Keyper
        • ARX CoSign
        • Bull Trustway PCI Crypto Card
        • Bull Trustway Proteccio
        • nCipher nShield/netHSM
        • Nitrokey HSM
        • SafeNet AT Luna
        • SafeNet Luna
        • SafeNet ProtectServer
        • SmartCard-HSM
        • SoftHSM
        • Unbound Key Control
        • Utimaco CryptoServer
        • Utimaco CryptoServer CP5
        • YubiHSM 2
    • Troubleshooting Guide
      • Command Line Interface
      • Cryptography and Security
      • Installation and Deployment
      • Enrollment Questions
      • Performance/Timeouts
      • Publishing
      • Troubleshoot Database Performance in Wildfly
      • Validation Authority
    • Tutorials and Guides
      • Quick Install Guide
      • Migrating from other CAs to EJBCA
        • Migrating RSA Keon CA with nCipher
        • Migrating Microsoft CA to EJBCA
        • Migrating an OpenSSL CA to EJBCA
      • Modifying EJBCA
        • Getting Started With EJBCA Development
        • Handling Configurations in a Separate Directory
        • Creating Plugins
        • Customizing the User Interface
        • Adding Rules to Regulate Values of End Entity Fields
      • Enabling Debug Logging
      • Creating a custom RA application using EJBCA Web Services and Java
      • Using EJBCA as a Certificate Management System (CMS)
      • Batch Creating Certificates
      • Making an ASN.1 Dump of a Certificate
      • Using the Demo Servlet
      • Setting up Peer Connectors and OCSP
    • EJBCA Release Information
      • EJBCA Release Notes
        • EJBCA 7.3.1.3 Release Notes
        • EJBCA 7.3.1.2 Release Notes
        • EJBCA 7.3.1.1 Release Notes
        • EJBCA 7.3.1 Release Notes
        • EJBCA 7.3 Release Notes
        • EJBCA 7.2.1.1 Release Notes
        • EJBCA 7.2.1 Release Notes
        • EJBCA 7.2 Release Notes
        • EJBCA 7.1 Release Notes
        • EJBCA 7.0.1 Release Notes
        • EJBCA 7.0.0 Release Notes
        • EJBCA 6.15.2.5 Release Notes
        • EJBCA 6.15.2 Release Notes
        • EJBCA 6.15.1 Release Notes
        • EJBCA 6.15 Release Notes
        • EJBCA 6.14.1 Release Notes
        • EJBCA 6.14 Release Notes
        • EJBCA 6.13 Release Notes
        • EJBCA 6.12 Release Notes
        • EJBCA 6.11 Release Notes
          • EJBCA 6.11.0.1 Release Notes
          • EJBCA 6.11.1 Release Notes
        • EJBCA 6.10 Release Notes
          • EJBCA 6.10.1 Release Notes
        • EJBCA 6.9 Release Notes
          • EJBCA 6.9.1 Release Notes
        • EJBCA 6.8 Release Notes
        • EJBCA 6.7 Release Notes
        • EJBCA 6.6 Release Notes
        • EJBCA 6.5 Release Notes
        • EJBCA 6.4 Release Notes
        • EJBCA 6.3 Release Notes
        • EJBCA 6.2 Release Notes
        • EJBCA 6.1 Release Notes
        • EJBCA 6.0 Release Notes
        • EJBCA Release Notes Summary
        • EJBCA Change Log Summary
      • EJBCA Upgrade Notes
        • EJBCA 7.3.1.2 Upgrade Notes
        • EJBCA 7.3.1.1 Upgrade Notes
        • EJBCA 7.3.1 Upgrade Notes
        • EJBCA 7.3 Upgrade Notes
        • EJBCA 7.2.1 Upgrade Notes
        • EJBCA 7.2 Upgrade Notes
        • EJBCA 7.1 Upgrade Notes
        • EJBCA 7.0.1 Upgrade Notes
        • EJBCA 7.0 Upgrade Notes
        • EJBCA 6.15.2.5 Upgrade Notes
        • EJBCA 6.15 Upgrade Notes
        • EJBCA 6.14 Upgrade Notes
        • EJBCA 6.13 Upgrade Notes
        • EJBCA 6.12 Upgrade Notes
        • EJBCA 6.11 Upgrade Notes
        • EJBCA 6.10 Upgrade Notes
        • EJBCA 6.9 Upgrade Notes
        • EJBCA 6.8 Upgrade Notes
        • EJBCA 6.7 Upgrade Notes
        • EJBCA 6.6 Upgrade Notes
        • EJBCA 6.5 Upgrade Notes
        • EJBCA 6.4 Upgrade Notes
        • EJBCA 6.3 Upgrade Notes
        • EJBCA 6.2 Upgrade Notes
        • EJBCA 6.1 Upgrade Notes
        • EJBCA 6.0 Upgrade Notes
        • EJBCA Upgrade Notes Summary
  • EJBCA Versions
  • Products
  • Contact
  • magnifier
  • EJBCA Introduction
    • EJBCA Concepts
    • EJBCA Architecture
      • External OCSP Responders
      • Internal Architecture
    • Interoperability and Certifications
      • Common Criteria
  • EJBCA Installation
    • Installation Prerequisites
    • Managing EJBCA Configurations
    • Creating the Database
    • Application Servers
      • WildFly 10 / JBoss EAP 7.0
      • WildFly 12 / JBoss EAP 7.1
      • WildFly 14 / JBoss EAP 7.2
    • Deploying EJBCA
    • Installing EJBCA
      • Install EJBCA as a CA without a Management CA
      • Installing EJBCA as a CA with a Management CA
      • Installing EJBCA as an RA or VA
        • Synchronizing the VA Database
        • Connecting an RA to a CA over Peers
    • Finalizing the Installation
    • High Availability (HA), a.k.a Clustering
    • Maximizing Performance
    • EJBCA Security
    • Deployment Reference
    • Upgrading EJBCA
    • EJBCA Software Appliance
  • EJBCA Operations
    • EJBCA CA Concept Guide
      • Certificate Authority Overview
        • CA Fields
        • ePassport PKI
        • ECDSA Keys and Signatures
        • CVC CA
          • Creating CVCAs and DVs
          • CVC Sequence
          • EAC Roles and Access Rights
          • Document Verifiers (DV)
          • Creating Authenticated Requests and Link Certificates
          • Inspection Systems
          • Web Service API
          • Command Line Client
          • Importing CAs
          • Using HSMs
          • PEM Requests
          • SPOC PKI
        • Partitioned CRLs
      • Crypto Tokens Overview
      • End Entities Overview
        • Certificate Statuses
        • End Entity Profiles Overview
          • E-mail Notifications
          • Self Registration
          • End Entity Profiles Fields
        • Printing of User Data
        • Subject Distinguished Names
          • Custom Subject DN and altName OIDs
      • Publishers Overview
        • Active Directory Publisher
        • Custom Publishers
          • Certificate Sampler Custom Publisher
          • Cert Safe Publisher for an HTTPS Server
          • Customer Specific Publisher for a PKD-like Catalog
        • LDAP Publisher/LDAP Search Publisher
        • Multi Group Publisher
        • SCP Publisher
        • Validation Authority Peer Publisher
        • Validation Authority Publisher (Legacy)
        • AWS S3 Publisher
      • Validators Overview
        • Key Validators
        • Certificate Field Validators
        • Post Processing Validators
      • Certificate Profiles Overview
        • Certificate Profile Fields
        • Certificate Transparency Overview
        • Custom Certificate Extensions
        • Extended Key Usages
      • Approval Profiles
        • Accumulative Approval Profiles
        • Partitioned Approval Profiles
      • Services
        • Certificate and CRL Reader Service
        • Certificate Expiration Check Service
        • CRL Download and CRL Update Service
        • CRL Updater Service
        • HSM Keepalive Service
        • Publisher Queue Process Service
        • Remote Internal Key Binding Updater
        • Renew CA Service
        • User Password Expire Service
      • Peer Systems
      • Internal Key Bindings Overview
        • OcspKeyBinding
        • AuthenticationKeyBinding
      • Roles and Access Rules
        • Access Rules
        • Predefined Role Templates
      • Protocols
        • ACME
        • Certificate Store Access via HTTP
        • EJBCA REST Interface
        • CMP
        • EST
        • OCSP
          • OCSP Response Extensions
            • Archive Cutoff
            • CertificateHash
            • Unid FNR
        • SCEP
        • Web Service Interface
      • Logging
        • Audit Log Overview
          • Integrity Protected Security Audit Log
          • Security Audit Events
      • Character Limitations
      • User Data Sources
    • EJBCA RA Concept Guide
      • EJBCA RA Administration
      • Custom RA Stylesheets
      • External RA using Database Polling
    • EJBCA Operations Guide
      • CA Operations Guide
        • Approving Actions
        • CA Web Overview
        • Configure EJBCA for Public Access
        • CRL Generation
        • EJBCA Configuration Checker
          • Configuration Issues
        • EJBCA Maintenance
          • Backup and Restore
          • Clearing System Caches
          • Monitoring and Healthcheck
          • Web UI Sessions
        • End Entities
          • Create Server Certificates
          • Issue a new PKCS#12 keystore for an SSL server
          • Issue a New Server Certificate from a CSR
          • Create User Certificates
          • Certificate Renewal
          • Request Browser Certificate Renewal
          • Renaming and Editing Users
          • SSL Certificate Expiration
        • End Entity Profile Operations
          • Create an End Entity Profile for SSL Servers
        • Exporting and Importing Profiles
        • Importing Certificates
        • Key Recovery
        • Managing CAs
          • CA Rollover
          • Converting an OpenSSL CA
          • Creating a SubCA Signed by an External CA
          • Creating CA's
          • Renewing a SubCA Signed by an External CA
          • Requesting a Cross or Bridge certificate
          • Signing an External CA
          • Signing a Rollover Certificate
        • Managing Certificate Profiles
          • Create a Certificate Profile for SSL Servers
          • Import/Export Certificate Profiles
          • Certificate Transparency
        • Managing Crypto Tokens
          • CP5 Crypto Token
        • Managing Internal Keybindings
        • Modular Protocol Configuration
        • OCSP Management
          • Setting up a Responder Using the CLI
        • Peer Systems Operations
        • Roles and Access Rules Operations
          • Managing Role Namespaces
      • RA Operations Guide
        • Certificate and End Entity Life Cycle Management
        • Creating Certificates on the RA
        • Managing Requests in the RA UI
        • Managing Roles and Access Rules from the RA
      • Command Line Interfaces
        • EJBCA Client Toolbox
        • EJBCA Validation/Conformance Tool
          • Validation Tool Configuration
          • Validation Tool Features
        • P11NG-CLI
      • EJBCA Batch Enrollment GUI
      • ConfigDump Tool
  • EJBCA Integration
    • Integrating with Third-Party Applications
      • Access EJBCA using USB Tokens and Smart Cards
        • Using YubiKeys with EJBCA
      • Native Certificate Autoenrollment for Windows
        • Autoenrollment Requirements
        • Part 1: EJBCA Administration
        • Part 2: Microsoft Certification Authority and Group Policies
        • Part 3: Configuring the Microsoft Autoenrollment Servlet
        • Part 4: Duplicate Certificate Fix
        • Appendix
      • Microsoft Intune Device Certificate Enrollment
        • Certificate Enrollment Requirements
        • Configure EJBCA Server
        • Configure Intune
        • Configure Intune EJBCA Connector Server
        • Enroll Windows 10 Devices to Intune
      • Script based Autoenrollment for Windows clients with EJBCA
      • Integrating EJBCA with Graylog
      • Versasec Card Management System Integration
      • Ciphermail Email Gateway and EJBCA Integration
      • Microsoft Smart Card Logon
      • EJBCA and Cisco ISE
      • EJBCA and Cisco IOS
      • OpenSSH and X509 Authentication
      • Configure EJBCA with OpenSSO
      • Setting up an Apache Web Server as a Proxy
      • Setting up an Apache Web Server with mod_jk
      • Setting up a HA Proxy in front of EJBCA
      • EJBCA with GemSAFE Toolbox
      • SensorNet PKI
      • Issuing Certificates to Kubernetes Services using cert-manager
    • Hardware Security Modules (HSM)
      • Generic PKCS#11 Provider
      • AEP Keyper
      • ARX CoSign
      • Bull Trustway PCI Crypto Card
      • Bull Trustway Proteccio
      • nCipher nShield/netHSM
      • Nitrokey HSM
      • SafeNet AT Luna
      • SafeNet Luna
      • SafeNet ProtectServer
      • SmartCard-HSM
      • SoftHSM
      • Unbound Key Control
      • Utimaco CryptoServer
      • Utimaco CryptoServer CP5
      • YubiHSM 2
  • Troubleshooting Guide
    • Command Line Interface
    • Cryptography and Security
    • Installation and Deployment
    • Enrollment Questions
    • Performance/Timeouts
    • Publishing
    • Troubleshoot Database Performance in Wildfly
    • Validation Authority
  • Tutorials and Guides
    • Quick Install Guide
    • Migrating from other CAs to EJBCA
      • Migrating RSA Keon CA with nCipher
      • Migrating Microsoft CA to EJBCA
      • Migrating an OpenSSL CA to EJBCA
    • Modifying EJBCA
      • Getting Started With EJBCA Development
      • Handling Configurations in a Separate Directory
      • Creating Plugins
      • Customizing the User Interface
      • Adding Rules to Regulate Values of End Entity Fields
    • Enabling Debug Logging
    • Creating a custom RA application using EJBCA Web Services and Java
    • Using EJBCA as a Certificate Management System (CMS)
    • Batch Creating Certificates
    • Making an ASN.1 Dump of a Certificate
    • Using the Demo Servlet
    • Setting up Peer Connectors and OCSP
  • EJBCA Release Information
    • EJBCA Release Notes
      • EJBCA 7.3.1.3 Release Notes
      • EJBCA 7.3.1.2 Release Notes
      • EJBCA 7.3.1.1 Release Notes
      • EJBCA 7.3.1 Release Notes
      • EJBCA 7.3 Release Notes
      • EJBCA 7.2.1.1 Release Notes
      • EJBCA 7.2.1 Release Notes
      • EJBCA 7.2 Release Notes
      • EJBCA 7.1 Release Notes
      • EJBCA 7.0.1 Release Notes
      • EJBCA 7.0.0 Release Notes
      • EJBCA 6.15.2.5 Release Notes
      • EJBCA 6.15.2 Release Notes
      • EJBCA 6.15.1 Release Notes
      • EJBCA 6.15 Release Notes
      • EJBCA 6.14.1 Release Notes
      • EJBCA 6.14 Release Notes
      • EJBCA 6.13 Release Notes
      • EJBCA 6.12 Release Notes
      • EJBCA 6.11 Release Notes
        • EJBCA 6.11.0.1 Release Notes
        • EJBCA 6.11.1 Release Notes
      • EJBCA 6.10 Release Notes
        • EJBCA 6.10.1 Release Notes
      • EJBCA 6.9 Release Notes
        • EJBCA 6.9.1 Release Notes
      • EJBCA 6.8 Release Notes
      • EJBCA 6.7 Release Notes
      • EJBCA 6.6 Release Notes
      • EJBCA 6.5 Release Notes
      • EJBCA 6.4 Release Notes
      • EJBCA 6.3 Release Notes
      • EJBCA 6.2 Release Notes
      • EJBCA 6.1 Release Notes
      • EJBCA 6.0 Release Notes
      • EJBCA Release Notes Summary
      • EJBCA Change Log Summary
    • EJBCA Upgrade Notes
      • EJBCA 7.3.1.2 Upgrade Notes
      • EJBCA 7.3.1.1 Upgrade Notes
      • EJBCA 7.3.1 Upgrade Notes
      • EJBCA 7.3 Upgrade Notes
      • EJBCA 7.2.1 Upgrade Notes
      • EJBCA 7.2 Upgrade Notes
      • EJBCA 7.1 Upgrade Notes
      • EJBCA 7.0.1 Upgrade Notes
      • EJBCA 7.0 Upgrade Notes
      • EJBCA 6.15.2.5 Upgrade Notes
      • EJBCA 6.15 Upgrade Notes
      • EJBCA 6.14 Upgrade Notes
      • EJBCA 6.13 Upgrade Notes
      • EJBCA 6.12 Upgrade Notes
      • EJBCA 6.11 Upgrade Notes
      • EJBCA 6.10 Upgrade Notes
      • EJBCA 6.9 Upgrade Notes
      • EJBCA 6.8 Upgrade Notes
      • EJBCA 6.7 Upgrade Notes
      • EJBCA 6.6 Upgrade Notes
      • EJBCA 6.5 Upgrade Notes
      • EJBCA 6.4 Upgrade Notes
      • EJBCA 6.3 Upgrade Notes
      • EJBCA 6.2 Upgrade Notes
      • EJBCA 6.1 Upgrade Notes
      • EJBCA 6.0 Upgrade Notes
      • EJBCA Upgrade Notes Summary
  • EJBCA
  • EJBCA Operations
  • EJBCA CA Concept Guide
  • Certificate Profiles Overview
  • Current: Certificate Transparency Overview

Certificate Transparency Overview

For information about how to set up and configure Certificate Transparency logging for a CA, see the Certificate Transparency Operations page.


EJBCA Logo
© 2020 PrimeKey. All rights reserved.
Powered by Atlassian Confluence and Scroll Help Center | PrimeKey® and EJBCA® are trademarks of PrimeKey Solutions AB | PrimeKey Privacy Policy |