Certficates
  • 28 Nov 2022
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Certficates

  • Dark
    Light
  • PDF

Article Summary

Certificates are used to secure connections, verify the identity of a third-party and to sign data. The certificate management interface allows you to import, export, generate and delete certificates that are known to the Liquit Workspace server(s). Certificates are globally stored in the database and are known to all the servers in the same environment.

Import new certificate

The following formats are supported for importing:

  • Personal Information Exchange – PKCS #12 (.pfx is the commonly used filename extension)
  • Base 64 encoded X.509 (.cer/.crt/.pem are the commonly used filename extensions)
  • DER encoded binary X.509 (.der is the commonly used filename extension)

PKCS #12 is the only format supported that can contain a private key. If importing a PKCS #12 certificate format, provide also the password for the private key.

Create self-signed

NameDescription
DescriptionA description for the newly to be created certificate
Common nameA valid formatted DNS name, e.g. “www.liquit.com” or “saml-idp”
Days validThe number of days the certificate is valid from the point of creation
Key sizeThe size of the certificate keys, if in doubt, it’s recommended to use the default of 2048

Export certificate

The following formats are supported for exporting:

  • Personal Information Exchange – PKCS #12 (.pfx is the commonly used filename extension)
  • Base 64 encoded X.509 (.cer/.crt/.pem are the commonly used filename extensions)
  • DER encoded binary X.509 (.der is the commonly used filename extension)

PKCS #12 is only available when the certificate contains a private key, it also requires a password to protect the private key in the exported file.

Details

NameDescription
SubjectThe full name of the certificate
IssuerThe full name of the certificate that issued this certificate, it will be the same as the subject if this is a self-signed certificate.
Has private keyIf the certificate also contains a private key next to the public key.
Not beforeThe date that this certificate becomes valid.
Not afterThe date that this certificate will expire.
Key sizeThe size of the keys.
Serial numberThe serial number of the certificate, this is not per se unique and is decided by the certificate issuer.
ThumbprintThe checksum of the public key, this is a unique identifier for this specific certificate.
DescriptionA free fillable field that can hold the description of the certificate.

Tags

The “Tags” tab shows a list of tags associated with the certificate. The list allows you to add and remove Tags. You can edit the Tag by double-clicking it.

package-tags

Certificate Chain

An overview of the certificate chain is shown on this page.

Dependencies

This will give an overview of the components that are using this certificate.

Extensions

This will give a simplified overview of the X.509 extensions implemented into this certificate. For self-signed generated certificates, this will be empty.


Was this article helpful?