- Certificate Profile: A configuration set specifying how certificates should be issued under that profile including the issuing CA, a certificate policy, and the enrollment method (such as ACME, EST, API, etc.) used to enroll certificates.
- Certificate Policy: A policy structure specifying the permitted attributes for requested certificates including subject naming conventions, SAN fields, key usages, and extended key usages.
- Approval Policy: An optional approval workflow requiring human review before certificates are issued. Approval policies can enforce multi-step review processes with configurable approvers for each step.
- Certificate: The actual X.509 certificate issued for a profile. Once issued, a certificate kept track of in the certificate inventory.
Certificates
Overview
To issue a certificate with Infisical, you create a certificate profile and a certificate policy to go along with it. You then issue a certificate against
a specific profile depending on the enrollment method associated with it.
There are four components to understand: