Certificates
The Certificates area manages the TLS certificates and certificate signing requests for this node. It has two tabs: Certificates and Signing requests.
Certificates
The Certificates tab lists every certificate with its common name, valid from and valid until dates, and a validity badge (Valid, Expiring soon, Expired, or Unknown) derived from the expiry date.
Two actions in the header create certificates:
- Generate certificate: creates a self signed certificate. You provide the subject details (common name, organization, organizational unit, country, state or province, city), the key size, validity period, and any subject alternative names (additional host names or IP addresses the certificate should cover).
- Import certificate: imports a certificate you already have, by pasting the certificate PEM, the private key PEM, and optionally a CA bundle, with a key passphrase if the private key is encrypted.
For each certificate you can view it (a read only PEM viewer with copy and download), download it, or delete it.
Signing requests
The Signing requests tab lists every certificate signing request with its common name, email, and algorithm.
- Create signing request: creates a request to have a certificate authority issue a certificate. You provide the subject details, the key settings, and any subject alternative names. Download the request and send it to your certificate authority.
For each request you can view it, download it, upload the signed certificate your certificate authority issued (which attaches it to the request), or delete it.