2.5.3.2.1 Edit CA Configuration Settings - CA Administrator

Goal: To edit configuration settings on the CA. The goal of this use case is for the CA administrator to be able to define and edit various configuration settings on the CA that affect behavior and policy around the issuance of certificates.

Context of Use: When a CA server is put into service, there is a variety of configuration settings that are required to be defined by the CA administrator for the CA operation to be in line with the requirements of the enterprise or organization that has deployed it. To define and edit these configuration settings and CA properties, the CA administrator often is required to be able to administer the CA remotely and can do so by using the interfaces defined in [MS-CSRA].

Direct Actor: The direct actor is the CA administrator.

Primary Actor: The primary actor is the same as the direct actor.

Supporting Actors: None.

Stakeholders and Interests:

  • The primary interest of the CA administrator is to ensure the CA is configured and is working properly.

  • The primary interest of the end entity is the assurance that the CA is configured correctly so that it can issue certificates as expected.

Preconditions: The CA administrator requires access to the CA.

Minimal Guarantee: The minimal guarantee is that the CA administrator receives an error message that provides the reason that the edit of the CA configuration failed.

Success Guarantee:

  • The CA system guarantees that configuration settings made by the CA administrator will be maintained.

  • The CA system guarantees that end entities can obtain certificates when requested in accordance with defined policy and configuration settings.

Trigger: The CA administrator triggers all CA administration operations.

Main Success Scenario:

  1. When the trigger occurs, the CA responds to connection attempts from the CA administrator.

  2. The CA administrator then defines or edits configuration settings or CA properties as required.

Extensions: None.

Post-conditions: The configuration settings or CA properties are updated on the CA as required.