This article will provide an example on how to configure the S-Series to use PKCS12 files (or pfx files) that can be issued to a smart card token during the issuance process.
1. From the Options - Connections - Certificate Authorities click the Add button.
2. Enter a template name and select PKCS12 from the drop-down list.
3. Click the Get button to select a PKCS12 file to allow the S-Series to automatically detect the CA issuer DN. Browse to the location of the PKCS12 file and enter the password for the PKCS12 file.
4. Click the Get button to select a default location that the S-Series will search for PKCS12 files during the issuance process.
5. Enter a passphrase for PKCS12 files if a default passphrase is used for all PKCS12 files that are to be imported during the issuance when the S-Series is configured to use a PKCS12 certificate database already configured (see the article Configure PKCS#12 Certificate Database for details).
6. From Templates - Card Templates edit theIssue Card section and in the Enroll certificate(s) section select the PKCS12 connection template already added above.
7. A P12 Settings button will appear when the PKCS12 connection is used for issuing the certificates. Click the P12 Settings button to configure additional settings.
8. Enable the Allow manually adding new containers checkbox if it is to be allowed to manually import a PKCS12 certificate into a container that is not already assigned to be used during the issuance process.
9. Enable the Allow empty containers checkbox if it is allowed to issue the smart card even if there is no PKCS12 file imported during the issuance flow.
10. Save the template and close.
11. From the Lifecycle page issue the smart card as normal.
12. At the Import PKCS12 Files dialog select the container that the PKCS12 file will be imported into. From the Status column you can see which containers have been assigned. This will be Empty until a PKCS12 file is assigned. Additionally, the role DN for the container will be already assigned based on what the selected user DN who the smart card is to be issued to. The details on the certificate template that the PKCS12 file will be connected to are also displayed. Select a container and click the Edit button to add the PKCS12 file that is to be imported. Once all containers are assigned click the Ok button to complete the issuance.