[Index]

Model: data/Certificate

Certificate Management

Use this procedure to create a self-signed or third-party-signed system certificate to use when setting up Single Sign-On (SSO) on the web proxy node on VOSS-4-UC.

Note

Procedure

  1. Log in as entadmin.
  2. Choose Single Sign On > Certificate Management.
  3. Click Add.
  4. On the Base tab, enter a Name and Description for the certificate.
  5. For a self-signed certificate, control when the certificate is valid by changing the Valid From and Valid To fields. These are measured in seconds and default to 0 (now) and 315360000 (10 years), respectively.
  6. (Optional) Change the Key Length from the default of 1024.
  7. Click the Certificate Information tab, and complete all mandatory fields (see Certificate Management fields).
  8. Click Save.
  9. If you created a self-signed certificate you are done. If you requested a third-party-signed certificate, continue to the next step.
  10. Click the certificate you just created.
  11. Choose Action > Export Certificate Request.
  12. Follow your organization's procedures to obtain the third-party signature for the certificate.
  13. Click the certificate.
  14. Choose Action > Upload Signed Certificate.
  15. Browse to the signed certificate and click OK.

Certificate Management Fields

Field Description
Common Name * Enter the FQDN for your server.
Country Code * A two-digit country code
State * An appropriate country subdivision
City * Your city
Organization * Your organization
Organization Unit * Your organization subunit

Used to generate self-signed certificates or creating certificate requests to be signed by a third-party certificate authority.

Model Details

Title Description Details
Name * A textual identifier for the certificate.
  • Field Name: name
  • Type: String
Description * Documents the purpose of this certificate.
  • Field Name: description
  • Type: String
Generate Certificate Signing Request If true, indicates that the system will generate a certificate signing request that can be signed by a third-party CA. If false, the system will generate a self-signed root certificate.
  • Field Name: certificate_request
  • Type: Boolean
Generated On The date and time when the certificate was generated. Ignored when "Generate Certificate Signing Request" is true.
  • Field Name: generation_date
  • Type: String
Valid From Time when the certificate starts to be valid. This is the number of seconds from when the certificate is generated. Ignored when "Generate Certificate Signing Request" is true.
  • Field Name: valid_from
  • Type: Integer
Valid To How long the certificate will be valid for from the time of generation. The value is in seconds. Default is 315360000 seconds (10 years). Ignored when "Generate Certificate Signing Request" is true. Default: 315360000
  • Field Name: valid_to
  • Type: Integer
  • Default: 315360000
Serial Number Serial number for the certificate. Default: 1
  • Field Name: serial_number
  • Type: Integer
  • Default: 1
Key Length Length of the key to be generated. Default: 1024
  • Field Name: key_length
  • Type: Integer
  • Default: 1024
Hashing Algorithm Hashing algorithm to use for the key. Default: sha256
  • Field Name: hash_algorithm
  • Type: String
  • Default: sha256
  • Choices: ["sha256"]
Private Key File Reference An internal reference for the generated private key file. This file will never be exposed to users, including administrators with the highest privileges.
  • Field Name: key_file_reference
  • Type: String
Certificate File Reference An internal reference to the certificate file that is generated internally or uploaded authorized users. This certificate is generated automatically when "Generate Certificate Signing Request" is false. The CA-signed certicate must be uploaded manually when "Generate Certificate Signing Request" is true. This file will never be exposed to users, including administrators with the highest privileges.
  • Field Name: cert_file_reference
  • Type: String
Certificate Request File Reference An internal reference to the generated certificate signing request file, when "Generate Certificate Signing Request" is true. This file will never be exposed to users, including administrators with the highest privileges.
  • Field Name: csr_file_reference
  • Type: String
Certificate Information Contains information about the certificate.
  • Field Name: certificate_info
  • Type: Object
Common Name * Must match the host being authenticated.
  • Field Name: certificate_info.common_name
  • Type: String
Country Code * Two letter description of the country.
  • Field Name: certificate_info.country_code
  • Type: String
  • MaxLength: 2
State * Name of the state.
  • Field Name: certificate_info.state
  • Type: String
City * Name of the city.
  • Field Name: certificate_info.city
  • Type: String
Organization * For example, a company name.
  • Field Name: certificate_info.organization
  • Type: String
Organization Unit * A unit at the organization. For example, a department of a company.
  • Field Name: certificate_info.organization_unit
  • Type: String
API reference for data/Certificate