Managing certificates
  • 03 Jan 2025
  • 3 Minutes à lire
  • Sombre
    Lumière
  • PDF

Managing certificates

  • Sombre
    Lumière
  • PDF

The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article

You can manage all server and certification authority (CA) certificates used by all OneSpan Authentication Server Appliance components via the Certificate Management page in the Configuration Tool.

Server certificates

Server certificates contain public and private keys and are usually used to secure connections to a server or a component using SSL, e.g. SEAL communicator, SOAP communicator, Configuration Tool, etc.

Trusted root certificate authorities

Trusted certification authority (CA) certificates are typically used to determine which client certificates to trust. Trusted CA certificates often come in bundles containing several different trusted root CAs.

OneSpan Authentication Server Appliance root CA

OneSpan Authentication Server Appliance contains a built-in certification authority (CA) used to sign all automatically generated default certificates. This list contains the root CA certificate for the OneSpan Authentication Server Appliance CA.

Editing server or CA certificates

To edit a server or CA certificate

  1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
  2. Select Settings > Certificates.
  3. Select the certificate in the respective list and click Edit.

    The Edit Certificate Dialog appears.

  4. Edit the certificate as required and click Update.

    If you want to upload the signed certificate for a pending certificate signing request (CSR), you can specify the certificate file in the Upload Signed Certificate box.

Downloading server or CA certificates

To download a server or CA certificate

  1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
  2. Select Settings > Certificates.
  3. Select the certificate in the respective list and click Download certificate.

Deleting server or CA certificates

To delete a server or CA certificate

  1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
  2. Select Settings > Certificates.
  3. Select the certificate in the respective list and click Delete.

Adding server certificates

To add a server certificate

  1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
  2. Select Settings > Certificates.
  3. Click Add Certificate in the Server Certificates section.

    The Add Certificate Wizard appears.

  4. Do one of the following:

    • If you want to create a new certificate:

      1. In the Certificate Source page, select Create New Certificate.
      2. Specify the certification authority to sign the certificate.

        Select Appliance Signs The Certificate if you want to use the built-in root CA of the OneSpan Authentication Server Appliance to create a self-signed certificate.

        Select Third Party Signs The Certificate if you want to have a third-party CA to create a certificate.

      3. Specify the subject data for the certificate request.

        If you chose to use the built-in CA, the certificate is being created and added to the Server Certificate list.

        If you chose to use a third-party CA, a certificate signing request (CSR) is being created and can be downloaded to submit to the respective CA. When the third-party CA has created your certificate, upload the signed certificate using the Edit Certificate Dialog.

    • If you want to upload an existing certificate:

      1. In the Certificate Source page, select Upload Certificate.
      2. Specify the certificate file to upload.

        The certificate must be a Base64-encoded X.509 certificate file (usually a .PEM file), containing the certificate and the respective private key file. Certificate chains can be included with the certificate within one single certificate file using the PEM file format.

        If required, type the private key password.

  5. Click Finish to close the wizard.

Adding trusted root certification authority (CA) bundles

To add a trusted root certification authority (CA) bundle

  1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
  2. Select Settings > Certificates.
  3. Click Add Authority in the Trusted Root Certificates Authorities section.

    The Add Authority Wizard appears.

  4. Specify the certificate or certificate bundle to upload.

    The certificate must use the PEM file format. Multiple certificate authority signing certificates can be used for validating client certificates, but must be uploaded in a single file.

  5. Click Next to add the certificate bundle to the Trusted Root Certificate Authorities list.
  6. Click Finish to close the wizard.

Cet article vous a-t-il été utile ?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle