Contents x
    Certficates
    • 28 Nov 2022
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Certficates

    • Updated on 28 Nov 2022
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Certificates are used to secure connections, verify the identity of a third-party and to sign data. The certificate management interface allows you to import, export, generate and delete certificates that are known to the Liquit Workspace server(s). Certificates are globally stored in the database and are known to all the servers in the same environment.

    Import new certificate

    The following formats are supported for importing:

    • Personal Information Exchange – PKCS #12 (.pfx is the commonly used filename extension)
    • Base 64 encoded X.509 (.cer/.crt/.pem are the commonly used filename extensions)
    • DER encoded binary X.509 (.der is the commonly used filename extension)

    PKCS #12 is the only format supported that can contain a private key. If importing a PKCS #12 certificate format, provide also the password for the private key.

    Create self-signed

    NameDescription
    DescriptionA description for the newly to be created certificate
    Common nameA valid formatted DNS name, e.g. “www.liquit.com” or “saml-idp”
    Days validThe number of days the certificate is valid from the point of creation
    Key sizeThe size of the certificate keys, if in doubt, it’s recommended to use the default of 2048

    Export certificate

    The following formats are supported for exporting:

    • Personal Information Exchange – PKCS #12 (.pfx is the commonly used filename extension)
    • Base 64 encoded X.509 (.cer/.crt/.pem are the commonly used filename extensions)
    • DER encoded binary X.509 (.der is the commonly used filename extension)

    PKCS #12 is only available when the certificate contains a private key, it also requires a password to protect the private key in the exported file.

    Details

    NameDescription
    SubjectThe full name of the certificate
    IssuerThe full name of the certificate that issued this certificate, it will be the same as the subject if this is a self-signed certificate.
    Has private keyIf the certificate also contains a private key next to the public key.
    Not beforeThe date that this certificate becomes valid.
    Not afterThe date that this certificate will expire.
    Key sizeThe size of the keys.
    Serial numberThe serial number of the certificate, this is not per se unique and is decided by the certificate issuer.
    ThumbprintThe checksum of the public key, this is a unique identifier for this specific certificate.
    DescriptionA free fillable field that can hold the description of the certificate.

    Tags

    The “Tags” tab shows a list of tags associated with the certificate. The list allows you to add and remove Tags. You can edit the Tag by double-clicking it.

    package-tags

    Certificate Chain

    An overview of the certificate chain is shown on this page.

    Dependencies

    This will give an overview of the components that are using this certificate.

    Extensions

    This will give a simplified overview of the X.509 extensions implemented into this certificate. For self-signed generated certificates, this will be empty.

    Was this article helpful?
    What's Next