Menu

Configure EPKI Profile to RSASSA-PSS Signing Algorithm

Jan 13, 2026

Configure EPKI Profile to RSASSA-PSS Signing Algorithm

OVERVIEW: This page walks you through the process of configuring your EPKI profile to RSASSA-PSS Signing Algorithm for all S/MIME Certificates issued via Enterprise PKI. At the completion of this procedure, you will be able to update the signature algorithm of your EPKI profile to RSASSA-PSS. For more profile configuration support, please refer to this page

For New Customers

IMPORTANT: If you are a new customer, you can contact a Sales Representative to set up an Enterprise PKI account or you may refer to this page to create a new profile. In the Signature Algorithm section, select RSASSA-PSS.

For Existing Customers

  1. Log in to your GCC account and go to Enterprise PKI tab. 

  2. Under My Profiles, click the Profile Configuration option.

  3. Select the correct Profile that you'd like to configure and then click the Next button.

  4. In the Profile Configuration window, select the RSASSA-PSS (sha256) in the Signature Algorithm section and click Next.

    IMPORTANT: The default IntermediateCA is set to Non – S/MIME Use Cases, like for authentication access. Email Domain validation must be set to We use S/MIME (see step 6) to activate BR Compliant S/MIME Profile. Another option is to create an additional profile and set Profile applied for to BR Compliant S/MIME Profile (refer to Create New Profile in EPKI, step 4). 


  5. Review the updates and click Next to complete the process. 

  6. You will be redirected to the window confirming the process is successful. Once this has been configured, you can issue certificates that will include RSASSA-PSS as the signing algorithm. You may follow the normal issuance process.

IMPORTANT: Take note of the Profile ID that you configured to use the RSASSA-PSS algorithm. You will need to select and/or specify this Profile ID when issuing certificates. Also, this  algorithm should be tested for compatibility with Mail Clients as RSASSA-PSS may not be supported.

Related Articles

Enterprise PKI Admin Guide

Mar 2, 2020, 5:27 AM

Enterprise PKI is a platform that provides instant issuance of multi-functional digital certificates through pre-vetted company profiles. Certificates issued through ePKI can be used for document signing...

Read More

Important EPKI API Updates for 2023

Jul 12, 2023, 4:43 AM

In compliance with S/MIME Baseline Requirements this coming September 2023, here are the upcoming changes to EPKI API.

Read More

How to setup an EPKI account

Sep 6, 2023, 9:38 AM

This article will walk you through the initial setup of your EPKI account, including profile configuration.

Read More

GlobalSign System Alerts

View recent system alerts.

View Alerts

Atlas Discovery

Scan your endpoints to locate all of your Certificates.

Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.

Contact Support