CSP environment template

The CSP environment template has default settings for code signing with the Venafi Cryptographic Service Provider (CSP).

CSPTemplate provides control around Environment creation. To see your template, call POST Codesign/GetTemplate. Any Environment that is created from this template must follow all the rules outlined, otherwise certificate creation will fail.

  • Type: Code Signing CSP Environment Template

  • Object: CPSSignEnvironment

The CSP environment template has these values:

  • AllowUserKeyImport: Applies only to PerUser templates. The setting for key import: true: users can import their own signing keys. false: no key import.

  • Description:Appears only if there is a template description.
  • Dn:The Distinguished Name (DN) of the template.

  • Guid: The GUID that uniquely identifies the template.

  • Id: The identifier of this template.

  • ObjectNamingPattern: Only appears if PerUser is true. The macros that make the Certificate object unique to the signer's identity. The rendered value appears in the Policy tree. The default is $Sign.Project$\$Sign.Environment$\$Sign.User$

  • PerUser:  Only appears if the value is true. The mode that supports multiple cryptographic objects and macros to use for signing. This field determines how objects are created for the Environment.

  • Type:This user-defined template originated from the Code Signing CSP Environment Template

  • VisibleTo: If empty, everyone can see this template. Otherwise, it is a restricted array of identities that can use the template to create new Environments. For example: You can limit exposure to templates pointing at public CAs, as those certificates can be very expensive and may not be required. See Template details.
  • EncryptionKeyAlgorithm: The template values for the signing key algorithm. See Template details.

  • Expiration: The number of minutes until the key expires. A value of zero 0 means the key will not expire. See Template details.

  • KeyContainerDN: The template value for the Distinguished Name (DN) location of the key container.
  • KeyStorageLocation: The location of the private key. Software or HSM. See Environment details.
  • MaxUses: The template values for the maximum number of key uses. See Template details.

  • SigningKeyAlgorithm: The template values for the signing key algorithm attribute. See Template details.