[Index]

Model: data/Certificate

Certificate Management

To access the latest documentation, go to Documentation and Resources at: https://voss.portalshape.com

This procedure creates a self-signed or third-party-signed system certificate to use when setting up Single Sign-On (SSO) on the web proxy node on VOSS Automate.

Note

  1. Log in as system administrator.

  2. Go to (default menus) Administration Tools > Certificate Management.

  3. Click Add.

  4. Fill out the fields on the Base tab:

  5. Fill out the fields on the Certificate Information tab:

    Field Description
    Common Name * Enter the FQDN for your server.
    Country Code * A two-digit country code
    State * An appropriate country subdivision
    City * Your city
    Organization * Your organization
    Organization Unit * Your organization subunit

  1. Click Save.

    Note

    If you created a self-signed certificate, you can exit this procedure. If you requested a third-party-signed certificate, continue with the next steps.

  2. On the Certificate Management list view, click on the third-party-signed certificate you created.

  3. Choose Action > Export Certificate Request.

  4. Follow your organization's procedures to obtain the third-party signature for the certificate.

  5. Click the certificate.

  6. Choose Action > Upload Signed Certificate.

  7. Browse to the signed certificate, then click OK.

Used to generate self-signed certificates or creating certificate requests to be signed by a third-party certificate authority.

Model Details: data/Certificate

Title Description Details
Name * A textual identifier for the certificate.
  • Field Name: name
  • Type: String
Description * Documents the purpose of this certificate.
  • Field Name: description
  • Type: String
Generate Certificate Signing Request If true, indicates that the system will generate a certificate signing request that can be signed by a third-party CA. If false, the system will generate a self-signed root certificate.
  • Field Name: certificate_request
  • Type: Boolean
Generated On The date and time when the certificate was generated. Ignored when "Generate Certificate Signing Request" is true.
  • Field Name: generation_date
  • Type: String
Valid From Time when the certificate starts to be valid. This is the number of seconds from when the certificate is generated. Ignored when "Generate Certificate Signing Request" is true.
  • Field Name: valid_from
  • Type: Integer
Valid To How long the certificate will be valid for from the time of generation. The value is in seconds. Default is 315360000 seconds (10 years). Ignored when "Generate Certificate Signing Request" is true. Default: 315360000
  • Field Name: valid_to
  • Type: Integer
  • Default: 315360000
Expires The expiry date of the certificate.
  • Field Name: expiry_date
  • Type: String
  • Format: date-time
Serial Number Serial number for the certificate. Default: 1
  • Field Name: serial_number
  • Type: Integer
  • Default: 1
Key Length Length of the key to be generated. Default: 1024
  • Field Name: key_length
  • Type: Integer
  • Default: 1024
Hashing Algorithm Hashing algorithm to use for the key. Default: sha256
  • Field Name: hash_algorithm
  • Type: String
  • Default: sha256
  • Choices: ["sha256"]
Private Key File Reference An internal reference for the generated private key file. This file will never be exposed to users, including administrators with the highest privileges.
  • Field Name: key_file_reference
  • Type: String
Certificate File Reference An internal reference to the certificate file that is generated internally or uploaded authorized users. This certificate is generated automatically when "Generate Certificate Signing Request" is false. The CA-signed certicate must be uploaded manually when "Generate Certificate Signing Request" is true. This file will never be exposed to users, including administrators with the highest privileges.
  • Field Name: cert_file_reference
  • Type: String
Certificate Request File Reference An internal reference to the generated certificate signing request file, when "Generate Certificate Signing Request" is true. This file will never be exposed to users, including administrators with the highest privileges.
  • Field Name: csr_file_reference
  • Type: String
Certificate Information Contains information about the certificate.
  • Field Name: certificate_info
  • Type: Object
Common Name * Must match the host being authenticated.
  • Field Name: certificate_info.common_name
  • Type: String
Country Code * Two letter description of the country.
  • Field Name: certificate_info.country_code
  • Type: String
  • MaxLength: 2
State * Name of the state.
  • Field Name: certificate_info.state
  • Type: String
City * Name of the city.
  • Field Name: certificate_info.city
  • Type: String
Organization * For example, a company name.
  • Field Name: certificate_info.organization
  • Type: String
Organization Unit * A unit at the organization. For example, a department of a company.
  • Field Name: certificate_info.organization_unit
  • Type: String