Next-generation platform

Generating client certificates

You can generate client certificates in the Self Service, download the generated certificates, and then use these certificates for authentication to access the Sterling Order Management System application.

Before you begin

You must have the Developer role or the Organization Administrator role to generate a client certificate.

About this task

Note: The client certificates for IBM MQ and the client certificates for the Sterling Order Management System tools are different and must not be used interchangeably.
  • The Client certificates can be used in the browser to access the Sterling Order Management System application.
  • The IBM MQ certificates can be used for external systems to connect to the IBM MQ servers.
A certificate is valid for one year. You can view the expiry date of the certificate under the Certificates tab. A notification alert is sent to the owner of the certificate for the certificates that are going to expire after a month. Alerts are sent even for certificates that are expiring after a week and after a day. When you receive a notification, you must generate a new certificate manually and use the new certificate. The Organization Administrator receives a summary of all the certificates that are going to expire in a month or in a week.
Note: Expired certificates are removed from the application and database after 90 days of expiration.
The following table lists the actions for the client certificates that a user with the Developer and the Organization Administrator role can do.
Role Actions
Developer
  • Generate client certificates.
  • View all client certificates that are generated by the user themselves.
  • Download all client certificates that are generated by the user themselves.
Organization Administrator
  • View all client certificates.
  • Generate client certificates.
  • Download all client certificates.
  • Revoke all client certificates.

Procedure

To generate a client certificate, complete the following steps.

  1. Access the Self Service with your IBMid.
  2. From the Self Service menu, click Environments.
  3. From the list of environments, select an environment.
  4. In the Certificates tab, click Inbound.
  5. Select the certificate type as Client certificates.
  6. Click Generate certificate.
  7. In the Add certificate page, enter the Certificate owner. If the certificate is for a person, enter their name or email address. If the certificate is for a device, enter an ID to identify the device. For example, enter the store name and a serial number for the device such as 'Store123-serial 456789'.
  8. Click Generate.

What to do next

Download the client certificate and import it in your browser to access the Sterling Order Management System applications. For more information, see Downloading inbound certificates.