Certificates

Certificates are digital credentials that include identification and public key. They can be validated by a certification company for more security.

Overall, a certificate is a mechanism that ensures secure communication between client and server.

The Certificates screen is found under the Security menu. It contains the list of existing certificates and allows registering new certificates.

Certificates list

certificates

The Certificates screen shows all existing certificates, with this information about them:

  • Status: informs whether the certificate is active (icon: icon active) ou expired (icon: icon expired).

  • Name: unique name for the certificate.

  • Domain name: exhibits the name and information regarding the domain.

  • Expiration: certificate expiration date and time, in format mm/dd/aa hh:mm:ss. Fields with past dates mean that the certificate is expired and fields with future dates mean that the certificates are active.

In addition to these data, the column Actions has two options: refresh or delete a certificate (read more about them below).

Registering a certificate

To register a certificate, click the Create Certificate button represented by the + symbol. You will be directed to a screen where you can fill in the required data.

certificate create

These are the fields to be completed:

  • Name: required field for a unique name.

  • Certificate Body: required field to insert the body of the public domain digital certificate in PEM format.

  • Private Key: required field to inform the private key, in PEM format. The key can’t have a password.

    • You may remove the password of a key it it has one. To do so, copy the private key file to your OpenSSL directory and, using OpenSSL, execute the command openssl rsa -in privateKey.pem -out newPrivate.pem.

  • Certificate Chain: optional field to inform the certificate entities associated to the emission process of the client’s public certificate.

    • Each entry must be separated by ----BEGIN CERTIFICATE---- and ----END CERTIFICATE----, respectively.

Certificates of the type RSA PKCS#1 are incompatible with the API Platform; they must be converted to RSA PKCS#8 before being imported.

After you fill in the data, click Save. You will be redirected to the listing screen, that will now contain your certificate.

Updating a certificate

Registered certificates can be updated through the listing screen. To do that, click the Refresh button (icon: icon refresh) on the row of the target certificate.

You can refresh both expired and active certificates, even if they are in use.

Upon clicking the Refresh button, a window will pop up to confirm the action.

certificate refresh

After clicking the Confirm button, you will be directed to a screen like the certificate registration page, with the data fields that you can alter.

certificate refresh edit

To refresh a certificate, you must send a new certificate body, a new private key and, optionally, a new certificate chain. However, the following actions cannot be performed:

  • editing the name.

  • updating the certificate without informing the certificate body and private key.

  • updating the certificate in case any of the attributes used to fill in the certificate fields are already related to any other certificate registered.

Deleting a Certificate

You can delete a certificate by clicking the Delete button (icon: icon delete), also found on the row of the target certificate, on the list of existing certificates.

A window will pop up to confirm the action.

certificate delete confirmation

Upon confirming it, the certificate will be deleted and will no longer show up on the list of existing certificates.

Thanks for your feedback!
EDIT

Share your suggestions with us!
Click here and then [+ Submit idea]