Certificates
Certificates are digital credentials that include identification and public key. They can be validated by a certification company for more security.
Overall, a certificate is a mechanism that ensures secure communication between client and server.
The Certificates screen is found under the Security menu. It contains the list of existing certificates and allows registering new certificates.
Certificates list
The Certificates screen shows all existing certificates, with this information about them:
-
Status: informs whether the certificate is active (icon: ) ou expired (icon: ).
-
Name: unique name for the certificate.
-
Domain name: exhibits the name and information regarding the domain.
-
Expiration: certificate expiration date and time, in format mm/dd/aa hh:mm:ss. Fields with past dates mean that the certificate is expired and fields with future dates mean that the certificates are active.
In addition to these data, the column Actions has two options: refresh or delete a certificate (read more about them below).
Registering a certificate
To register a certificate, click the Create Certificate button represented by the + symbol. You will be directed to a screen where you can fill in the required data.
These are the fields to be completed:
-
Name: required field for a unique name.
-
Certificate Body: required field to insert the body of the public domain digital certificate in PEM format.
-
Private Key: required field to inform the private key, in PEM format. The key can’t have a password.
-
You may remove the password of a key it it has one. To do so, copy the private key file to your OpenSSL directory and, using OpenSSL, execute the command
openssl rsa -in privateKey.pem -out newPrivate.pem
.
-
-
Certificate Chain: optional field to inform the certificate entities associated to the emission process of the client’s public certificate.
-
Each entry must be separated by
----BEGIN CERTIFICATE----
and----END CERTIFICATE----
, respectively.
-
Certificates of the type RSA PKCS#1 are incompatible with the API Platform; they must be converted to RSA PKCS#8 before being imported.
|
After you fill in the data, click Save. You will be redirected to the listing screen, that will now contain your certificate.
Updating a certificate
Registered certificates can be updated through the listing screen. To do that, click the Refresh button (icon: ) on the row of the target certificate.
You can refresh both expired and active certificates, even if they are in use. |
Upon clicking the Refresh button, a window will pop up to confirm the action.
After clicking the Confirm button, you will be directed to a screen like the certificate registration page, with the data fields that you can alter.
To refresh a certificate, you must send a new certificate body, a new private key and, optionally, a new certificate chain. However, the following actions cannot be performed:
|
Deleting a Certificate
You can delete a certificate by clicking the Delete button (icon: ), also found on the row of the target certificate, on the list of existing certificates.
A window will pop up to confirm the action.
Upon confirming it, the certificate will be deleted and will no longer show up on the list of existing certificates.
Share your suggestions with us!
Click here and then [+ Submit idea]