MSCA Connector Integration Guide

Prerequisites

Before deployment, ensure:

  • CertSecure Manager frontend and backend are fully operational.
  • Use an Admin CertSecure account for setup.
  • Machine is domain-joined.

  • A Service Account is used with the following permissions:

    1. Log on as a Service
    2. Log on as a Batch Job
    3. Allow Log on through Remote Desktop Services
  • Service account has Read and Enroll permissions on each certificate template.

Hardware Requirements:

  • CPU: 16 cores
  • RAM: 32 GB
  • Storage: 200 GB

Software Requirements:

  • OS: Windows 11 or Windows Server 2019 (or later)

Step-by-Step Guide

  1. Running the Installer
    • Mount the ISO by right-clicking and selecting Mount.
    • Open the mounted drive, find the installer, and run as Administrator.
      • Run Installer

      Note: If v1.98 or older connector is running, manually terminate it first.

  2. Installation and Service Configuration
    • Click Next → Accept license → Default path: C:\Program Files (x86)\CertSecure 3.0 → Click Next.
      • Choose Installation Options

    • Click Start on installation page → wait for completion.

      View logs if needed → Click OK, then Next.

      • Start Installation

    • On Configure Connector Settings page:

      • Run certutil in Admin CMD.
        • certutil in cmd
      • Note down Name = CA Name, and Server = CA Server FQDN.
      • Enter Connector Name (any value) → Click Next
        • connector settings configuration

    • On Install Service page:

      • Click Install.
        • Install service window
      • After service installs, a prompt will ask for Registration Key.
        • Enter Registration Key

    • On CertSecure UI → Go to Utilities > Connectors

      • Click Create Registration Token.
        • Create Registration Token
      • Copy token → paste into prompt on installer → Click Submit → Close prompt → Click OK → Click Next.
        • Copy token

    • Open Services.msc →

      • Right-click EC_MSCA_Connector → Properties > Log On → Select This Account
      • Enter Service Account credentials → Click OK
        • Enter credentials for service account
      • Right-click service again → Click Start
        • see options on right click

      • Service Status will become “Running”

        Go to UI → Click Refresh to see the connector displayed.

        • Connector window on Certsecure Manager
    • In CertSecure UI:
      • Go to Administration > CA Management → Click Add CA
      • Choose CA Type: MSCA
      • Enter CA Name (e.g., CA04NEW as entered earlier)
      • Set Renewal Interval (e.g., 5 = sync every 5 mins) → Click Save
      Set Renewal Interval
    • On installer → Click Finish → Click Yes on confirmation → Exit application.
      • Exit Application message after installation