This panel creates a new security domain or adds the new subsystem to an existing security domain. A security domain can be created only if the subsystem being configured is a CA. All other subsystems do not have the option to create a domain, so these subsystems must join an existing security domain. Creating a new domain creates a registry called domain.xml in the /var/lib/CAinstanceID/conf/ directory. Editing the file manually is not recommended.

The first security domain for the Certificate System is created when the default CA is configured. Every subsystem must belong to a security domain; no system can be successfully configured without an existing security domain. The only subsystem which can host a security domain is a CA.

If the subsystem is being added to an existing domain, provide the security domain URL and the administrator UID and password for the domain.

For more information on security domains, see Section 5.4, “Security Domains”.