Skip to content

Manage DS certificates

All the card schemes supported by ActiveServer can be managed from the Directory Servers page, under the Certificates tab.

User Access

A user requires the System admin role to manage DS certificates.

Directory Server - Certificates tab

To manage a card scheme's certificates:

Select the appropriate card scheme tab at the top of the page to display its details.

Client certificate

The certificate is downloaded from the card scheme, usually after providing a Certificate Signing Request (CSR).

The following processes can be carried out:

Create CSR

To assist with the generation of a CSR, ActiveServer provides this functionality via the Create CSR button. However, it also possible to do this process manually if you prefer, using another method like Java keytool.

The certificate content should be filled in as appropriate for the card schemes requirements, with the following options available:

  • Key size - key size of the request, measured in bits
  • Common Name – hostname that will use the certificate, usually a fully-qualified domain name
  • Organization – legal name of your company or organization
  • Organization Unit – departmental or division name for your group
  • City – city where your company is located
  • Province – province or state where your company is located
  • Two letter country code – two-character abbreviation for your country
  • Hash algorithm - hash algorithm used to sign the CSR.

Creating a CSR will generate the raw certificate content, as well as provide a button to Download certificate in a .p10 format.

Install

A signed certificate can be installed using the Install button.

Warning

It is only possible to have one client certificate at a time, installing or importing another certificate will cause the current one to be overwritten.