Policies & Governance
Short Summary: Policies allow you to enforce security standards and automation rules across your organization.
What is a Policy?
A Policy is a set of rules applied to a group of certificates.
1. Cryptographic Rules
- Allowed Algorithms: RSA-2048, RSA-4096, ECC P-256.
- Forbidden: RSA-1024, SHA-1.
- Max Validity: e.g., 365 days.
2. Naming Conventions (DN)
- Subject: Must contain `O=MyCompany`.
- SANs: Must match regex `.*\.mycompany\.com`.
3. Workflow Rules
- Auto-Renew: Enabled/Disabled.
- Approval: Required/Optional.
- Pre-Processing: Run a script before renewal?
- Post-Processing: Run a script after renewal (e.g., Restart Service).
Policy Inheritance
Policies can be applied at different levels:
- Global: Applies to everything.
- CA Level: Applies to a specific CA.
- Group Level: Applies to a folder of certificates (e.g., “Dev Team”).
Specific policies override global policies.
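
The cryptographic and naming rules and the inheritance order described above, as an added example that is not the product's own code. The field names, the per-key override behaviour, and the whole-component reading of "must contain" are assumptions, and the policies and certificate requests are constructed samples.

```python
import re

# Constructed policies for illustration; the field names are assumptions,
# not the product's schema. Levels run from least to most specific.
GLOBAL = {
    "allowed_algorithms": {"RSA-2048", "RSA-4096", "ECC P-256"},
    "max_validity_days": 365,
    "subject_must_contain": "O=MyCompany",
    "san_regex": r".*\.mycompany\.com",
}
CA_LEVEL = {"max_validity_days": 90}
GROUP_LEVEL = {"allowed_algorithms": {"ECC P-256"}}  # e.g. "Dev Team"


def effective_policy(*levels):
    """Merge policies in order; a more specific level overrides earlier keys."""
    merged = {}
    for level in levels:
        merged.update(level)
    return merged


def violations(cert, policy):
    """Return a list of human-readable rule violations for one certificate."""
    found = []
    if cert["algorithm"] not in policy["allowed_algorithms"]:
        found.append(f"algorithm {cert['algorithm']} not allowed")
    if cert["validity_days"] > policy["max_validity_days"]:
        found.append(f"validity {cert['validity_days']}d exceeds maximum")
    # Compare whole components so O=MyCompanyEvil does not satisfy O=MyCompany.
    rdns = [part.strip() for part in cert["subject"].split(",")]
    if policy["subject_must_contain"] not in rdns:
        found.append("subject missing required component")
    # fullmatch anchors both ends; re.search would accept
    # "api.mycompany.com.example.net" because the pattern has no ^ or $.
    pattern = re.compile(policy["san_regex"])
    for san in cert["sans"]:
        if not pattern.fullmatch(san):
            found.append(f"SAN {san} does not match policy")
    return found


# Constructed sample certificate requests.
GOOD = {"algorithm": "ECC P-256", "validity_days": 90,
        "subject": "CN=api.mycompany.com, O=MyCompany",
        "sans": ["api.mycompany.com"]}
BAD = {"algorithm": "RSA-2048", "validity_days": 365,
       "subject": "CN=api, O=MyCompanyEvil",
       "sans": ["api.mycompany.com.example.net"]}
```

The comma split of the subject is a simplification that does not handle escaped commas inside a DN value.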