Import Private Key: Click to import the subject’s private key (usually from a PEM or DER-encoded file). Private key stored locally: This read-only field displays details of the private key. The following options are available for keys stored locally: If the private key is stored in the API Gateway certificate store, select Private key stored locally. They can also be provided by an OpenSSL engine, or stored on a Hardware Security Module (HSM) if required.ĪPI Gateway supports PKCS#11-compatible HSM devices. By default, private keys are stored locally (for example, in the API Gateway certificate store). 
Use the Private Keytab to configure details of the private key.
Export Certificate: Click to export the certificate (for example, to a. Import Certificate: Click to import a certificate (for example, from a. You can use the following buttons to import or export certificates into the certificate store: The certificate can be self-signed, or signed by the private key belonging to a trusted CA whose key pair is stored in the certificate store. Sign Certificate: You must click this button to sign the certificate. Not valid after: Select a date to define the end of the validity period of the certificate. Not valid before: Select a date to define the start of the validity period of the certificate. You can then click the browse button on the right to select an issuer certificate. Choose Issuer Certificate: Select to explicitly specify an issuer certificate for this certificate (for example, to avoid a potential clash or expiry issue with another certificate using the same intermediary certificate). Issuer: This read-only field displays the distinguished name of the CA that issued the certificate. Version: This read-only field displays the X.509 version of the certificate. Public Key: Click Import to import the subject’s public key (usually from a PEM or DER-encoded file). Alternatively, you can click Use Subject to add the DName of the certificate in he text box instead of a certificate alias. Alias Name: This mandatory field enables you to specify a friendly name (or alias) for the certificate. Subject: Click Edit to configure the Distinguished Name (DName) of the subject. AXWAY SECURE TRANSPORT HOW TO
This section explains how to use the X.509 Certificate tab on this dialog.Ĭonfigure the following settings to create a certificate: The Configure Certificate and Private Key dialog is displayed.
To create a certificate and private key, click Create/Import. For details, see Manage certificates in Java keystores.
Keystore: Click this to export or import certificates to or from a Java keystore. Remove: Select a certificate, and click to remove the certificate from the certificate store. View: Select a certificate, and click to view more detailed information. 
Edit: Select a certificate, and click to edit its existing settings. For details, see Configure an X.509 certificate. Create/Import: Click to create or import a new certificate and private key. The following options are available at the bottom right of the window: You can search for a specific certificate or key by entering a search string in the text box at the top of each tab, which automatically filters the tree. CA: Certificate Authority certificates with associated public keys. Certificates: Server certificates without any associated private keys. Certificates with Keys: Server certificates with associated private keys. Certificates and keys are listed on the following tabs in the Certificates window: To view the certificates and keys stored in the certificate store, select Environment Configuration > Certificates and Keys > Certificates in the Configuration Studio Policy Studio tree. 
For example, these can be used with the Secure Shell (SSH) File Transfer Protocol (SFTP) or with Pretty Good Privacy (PGP). You can also import and create public-private key pairs. These can be stored locally or on an external Hardware Security Module (HSM). In addition to importing CA certificates, you can import and create server certificates and private keys in the certificate store. For example, if API Gateway is to trust secure communications (SSL connections or XML Signature) from an external SAML Policy Decision Point (PDP), you must import the PDP certificate, or the issuing CA certificate into the API Gateway certificate store. Import CA certificates, and import and create server certificates and private keys in the certificate store.įor API Gateway to trust X.509 certificates issued by a specific Certificate Authority (CA), you must import that CA’s certificate into the API Gateway’s trusted certificate store.
Import the certificate and key into Policy Studio. How are certificates and keys stored in API Gateway?. Generate a CSR and import the certificate and key. Create a certificate realm and associated keystore. Edit on GitHub Edit on Netlify CMS Create documentation issue Contribution guidelines
0 kommentar(er)
