How to create a policy
Overview
In this tutorial you'll create a policy, an essential part of using a certificate with Redtrust. This tutorial assumes you already understand some basics of Redtrust and want to configure certificate access for specific applications or sites.
Before you start
Before starting, ensure you have the following:
- The Redtrust agent
- A certificate or certificate group
- A user or user group
Step 1: Create an application or site group
-
Go to Policies > Applications and click Add application group.
-
In the dialog, fill in the following fields:
- Application group name: Add a descriptive name that helps you identify this app group. For example,
Acrobat PDF signing. - Process name (without extension): Add the process name or regex. Following the example,
acrobat. For other examples, check the table below. - Click Add and Apply.
- Application group name: Add a descriptive name that helps you identify this app group. For example,
Use the following examples to create additional application or site groups. Add a group name that best matches how you use the application or site.
| Description | Site group | App group | Process name | Command line |
|---|---|---|---|---|
| Adobe Acrobat | ✅ | acrobat | ||
| Java applications (incl. locally created apps, Autofirma, etc.) | ✅ | java and javaw | ||
| Escrituração Fiscal Digital das Contribuições | ✅ | .*javaw.*irpjpva.jar.* | ||
| DocuSign | ✅ | .*dspki.exe.*DocuSignPKI.* | ||
| Sped ECF - Sistema público de escrituração digital | ✅ | .*javaw.*irpjpva.jar.* | ||
| Sped Fiscal - Sistema público de escrituração digital | ✅ | .*javaw.*fiscalpva.jar.* | ||
| Sped ECD - Sistema público de escrituração digital | ✅ | .*javaw.*contabilpva.jar.* | ||
| Assinador do Serpro | ✅ | .*Assinador.*Serpro.* | ||
| Assinador PF | ✅ | .*javaw.*AssinadorPF.exe.* | ||
| Lacuna Software | ✅ | .*Lacuna.*Software.* | ||
| eCAC | ✅ | ✅ | See How to define access to eCAC. | |
| Processo Judicial Eletrônico | ✅ | ✅ | See How to define domain access using application-based authentication. |
Step 2: Create a policy
-
Go to Policies > Policies.
-
Click New to access the policy creation wizard.
-
In Name, enter the name of the policy, for example
Acrobat signing, and click Next. -
In the Select certificate box, select the certificate and click Next.
-
Select the user or user group and click Next.
-
If your policy needs to define specific sites, click Add sites. Select the sites added in Step 1.
-
If your policy needs to define specific applications, click Add applications. Select the applications added in Step 1.
-
Click Next.
-
In the final step, make sure Anytime is selected. Click Apply, then Accept.
infoFor more details on the policy configuration options, see the Policies topic documentation.
Step 3: Verification
To verify the policy, sign in with the configured user and attempt to sign with Adobe Acrobat Reader or use the certificate in the application or site you configured.