Search

Skip to end of metadata
Go to start of metadata

Path to function: Management > Connections

The system has the facility to hold two certificates for a connected local authentication system to make it possible to transition between an expiring certificate and a new one without any break in service. You will need to add the second certificate at least a day before you replace the certificate on your local authentication source to ensure sufficient time for all systems to pick up the change, and you should not remove the old certificate from this interface until after you have changed the certificate on your local source and tested.

For any configured local authentication source there will be a tab visible saying Certificates.

To add a new certificate, you simply paste the text of the certificate into the bottom box (if this is not blank, you will need to remove one of the existing certificates - preferably the one that is not in use). The certificate will sometimes be displayed between a header and footer identifying the beginning and end of the certificate block similar to this:

-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIJAIp1FSxSm9OlMA0GCSqGSIb3DQEBBQUAMFUxCzpdFAKE
BAYTAkdCMSowKAYDVQQKEyFBY2NyaW5ndG9uIGFuZCBSb3NzZW5kYWxlIENvFAKE
Z2UxGjAYBgNVBAMTEWlkcC5hY2Nyb3NzLmFjLnVrMB4XDTEzMDkxMTExMjM1FAKE
DTIzMDkwOTExMjM1M1owVTELMAkGA1UEBhMCR0IxKjAoBgNVBAoTIUFjY3Jpbmd0
b24gYW5kIFJvc3NlbmRhbGUgQ29sbGVnZTEaMBgGA1UEAxMRaWRwLmFjY3Jvc3Mu
YWMudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Kw1idmiWCVV6
nMtNO9/5obIs1df09j9OPhyEBLFH8r1JEKtkorM701Drm/g7ddWW4yV4n63zI0em
appc/CXcFijcvEm/E51aLtQ/uwy8rVyo30FOFzA735GNLhEXu54w7RzfbZO7bGyQ
ni/K1wlIWSN1qexki0nvuSafAwATmhRgQAyWAb4oAe6whuIZ5lIB5U4GTPrlgwFk
KWpb5jyUoM5XaXM4l6EHZfZdOIwSfeV/BK9WQwJ2e8FTlOpIUxZSzrxH06kFW5Dr
BVfX4H4wypXvpTWiPhOh8yHYetl&dssTtZubtialFsPnylB/5p1ALLqiXkCVp5+v
CCxew/ddAgMBAAGjgbgwgbUwHQYDVR0ROBBEFIqv62qawJvLOtz0o1pzLUDrC7+S
MIGFBgNVHSMEfjB8gBSKr+tq8CkbyzrOc9Kacy1A6wu/kqFZpFcwVTELMAkGA1UE
BhMCR0IxKjAoBgNVBAoTIUFjY3JpbmdM0b2gYW5kIFJvc3NlbmRhbGUgQ29sbGVn
ZTEaMBgGA1UEAxMRaWRwLmFjY3Jvc3MEuYWudWuCCQCKdRUsUpvTpTAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBBQUAA4IDBAQunKm++p3Cimm4+bXiGN60FFliLGld
kKM5MtAnzyi1QujUj0ZgQU87OxaP4G9NZ15yBr8QxjK/jMqjNL1BR1nN8Qk9jnXS
7ZvdlJlfQCaBFyOPh/WQPwOnk3rsB8cYyviIilqyELdn6YOt+/SKXDtFE0p2RK80
DRB/V76lE0TKDkEi8V+cyn3UATFf/YsLQuy2gD2bLN3G0ydHJv1BO5LnXRg7aAmj
cuSR5WDxDBed9bC7OnlSCreRr267qw/LsFCqgqdtvFiqoVu9JT1FDs519iEmKcM9
9S+YKaM+/E6mM4hA3qdkniBxIL29OWji1ps6/ZVEdrkJEf9eg86BGlre
-----END CERTIFICATE------ 

Once pasted, click update under the panel you've pasted in and the system will validate the certificate. Once validated the panel will display a summary similar to the other panel.

To remove a certificate, click the remove button under the summary panel and confirm.

  • No labels