Oct 6, 2025
OVERVIEW: This page walks you through the process of configuring your EPKI profile to RSASSA-PSS Signing Algorithm for all S/MIME Certificates issued via Enterprise PKI. At the completion of this procedure, you will be able to update the signature algorithm of your EPKI profile to RSASSA-PSS. For more profile configuration support, please refer to this page. |
IMPORTANT: If you are a new customer, you can contact a Sales Representative to set up an Enterprise PKI account or you may refer to this page to create a new profile. In the Signature Algorithm section, select RSASSA-PSS. |
Log in to your GCC account and go to Enterprise PKI tab.
Under My Profiles, click the Profile Configuration option.
Select the correct Profile that you'd like to configure and then click the Next button.
In the Profile Configuration window, select the RSASSA-PSS (sha256) in the Signature Algorithm section and click Next.
Review the updates and click Next to complete the process.
You will be redirected to the window confirming the process is successful. Once this has been configured, you can issue Certificates that will include RSASSA-PSS as the signing algorithm. You may follow the normal issuance process.
IMPORTANT: Take note of the Profile ID that you configured to use the RSASSA-PSS algorithm. You will need to select and/or specify this Profile ID when issuing certificates. Also, this algorithm should be tested for compatibility with Mail Clients as RSASSA-PSS may not be supported. |
Check your certificate installation for SSL issues and vulnerabilities.