Adding a CA digital certificate

You can add a digital certificate to electronically validate your identity to a trading partner. Use Digital Certificates to add a CA digital certificate.

Before you begin

You can import a CA digital certificate as a resource from another installation of AS4 Microservice. For more information, see ../reference/as4/meg_resource_commands.html.

About this task

After you receive a new digital certificate from a certificate authority (CA), you must add it to AS4 Microservice.

Procedure

To add a CA digital certificate:

  1. Log in to AS4 Microservice as a Master Account Administrator or a user with the permissions to create digital certificates.
  2. Click Security > Digital Certificates.
  3. Click New > CA Certificate
  4. On the New CA Certificate page, enter the following values:
    Associated Organization

    Click Select and select the owner organization with which the certificate is associated.

    Certificate File

    Click Upload to browse and select the certificate file.

    Restriction: The certificate file must be a valid PKCS12 formatted keystore for public-private key pairs (.P12 or .PFX file extensions) or DER encoded for public certificates (.DER file extension).
    Tip: Only one copy of a digital certificate can be in the system, regardless of the certificate alias with which it is associated. Additionally, certificates cannot be used by more than one trading partner.
    Certificate Alias

    Select Use an existing certificate alias to use an existing certificate alias or Create new certificate alias to create a new certificate alias. All certificates must have a unique alias to enable the system to recognize the certificate name.

    Tip: When you add a certificate and use an existing certificate alias, the new certificate is added to the list of certificates that are already associated with that alias.
    Restriction: A certificate alias can be only associated with a maximum of two certificates. If a certificate alias already has two certificates that are associated with it, the alias is not displayed in the list of available aliases. Additionally, if the organization is using only certificate aliases that are already associated with two certificates, the Use an existing certificate alias option is disabled.
    Certificate Revocation List

    Optional: Select from a list or click Add CRL to add a Certificate Revocation List (CRL) for the certificate.

    Effective from date

    Specify the date and time from which the certificate is effective for use within AS4 Microservice. The certificate can be used within AS4 Microservice after this date.

    Effective to date

    Specify the date and time until which the certificate is effective for use within AS4 Microservice. The certificate can be used within AS4 Microservice after this date.

  5. Click Save to save the digital certificate and return to the CA Certificates collection page.