Installation of the ASP Private Key
  • 14 Oct 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Installation of the ASP Private Key

  • Dark
    Light
  • PDF

Article summary

The ASP needs to install the ASP leaf private key and certificate(s) into the software application that is used to access the TID platform. This installation process is specific to the software application used by the ASP.

Several applications require the private key and certificate (chain) to be formatted as a single PKCS #12 file. You can use OpenSSL to convert the PEM files into a PKCS #12 file. To do so, run the command for your ASP certificate option:

  • Option 1: Self-signed certificate

    If you are using a self-signed leaf certificate, run the following command:

    openssl pkcs12 ‑export ‑inkey asp_leaf_key.pem ‑in asp_leaf_crt.pem ‑out asp.pfx

  • Option 2: Two-level certificate chain

    If you are using a certificate chain with a root certificate and a leaf certificate, run the following command:

    openssl pkcs12 ‑export ‑inkey asp_leaf_key.pem -in asp_leaf_crt.pem ‑certfile client_certs.pem ‑out asp.pfx

    where:

    • client_certs.pem is a file that contains the root certificate.

  • Option 3: Three-level certificate chain

    If you are using a certificate chain with a root certificate, an intermediate certificate, and a leaf certificate, run the following command:

    openssl pkcs12 ‑export ‑inkey asp_leaf_key.pem ‑in asp_leaf_crt.pem ‑certfile client_certs.pem ‑out asp.pfx

    where:

    • client_certs.pem is a file that contains the intermediate certificate and the root certificate.

    In the described commands, asp.pfx is a PKCS #12 file that contains the ASP’s leaf private key and the certificate chain.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant