Import Private Key: Click to import the subject’s private key (usually from a PEM or DER-encoded file).Private key stored locally: This read-only field displays details of the private key.The following options are available for keys stored locally: If the private key is stored in the API Gateway certificate store, select Private key stored locally. They can also be provided by an OpenSSL engine, or stored on a Hardware Security Module (HSM) if required.ĪPI Gateway supports PKCS#11-compatible HSM devices. By default, private keys are stored locally (for example, in the API Gateway certificate store). Use the Private Keytab to configure details of the private key. Export Certificate: Click to export the certificate (for example, to a.Import Certificate: Click to import a certificate (for example, from a.You can use the following buttons to import or export certificates into the certificate store: The certificate can be self-signed, or signed by the private key belonging to a trusted CA whose key pair is stored in the certificate store. Sign Certificate: You must click this button to sign the certificate.Not valid after: Select a date to define the end of the validity period of the certificate.Not valid before: Select a date to define the start of the validity period of the certificate.You can then click the browse button on the right to select an issuer certificate. Choose Issuer Certificate: Select to explicitly specify an issuer certificate for this certificate (for example, to avoid a potential clash or expiry issue with another certificate using the same intermediary certificate).Issuer: This read-only field displays the distinguished name of the CA that issued the certificate.Version: This read-only field displays the X.509 version of the certificate.Public Key: Click Import to import the subject’s public key (usually from a PEM or DER-encoded file).Alternatively, you can click Use Subject to add the DName of the certificate in he text box instead of a certificate alias. Alias Name: This mandatory field enables you to specify a friendly name (or alias) for the certificate.Subject: Click Edit to configure the Distinguished Name (DName) of the subject.
#Axway secure transport how to
This section explains how to use the X.509 Certificate tab on this dialog.Ĭonfigure the following settings to create a certificate: The Configure Certificate and Private Key dialog is displayed.
To create a certificate and private key, click Create/Import.
For details, see Manage certificates in Java keystores.
For example, if API Gateway is to trust secure communications (SSL connections or XML Signature) from an external SAML Policy Decision Point (PDP), you must import the PDP certificate, or the issuing CA certificate into the API Gateway certificate store. Import CA certificates, and import and create server certificates and private keys in the certificate store.įor API Gateway to trust X.509 certificates issued by a specific Certificate Authority (CA), you must import that CA’s certificate into the API Gateway’s trusted certificate store. Import the certificate and key into Policy Studio.How are certificates and keys stored in API Gateway?.Generate a CSR and import the certificate and key.Create a certificate realm and associated keystore.Edit on GitHub Edit on Netlify CMS Create documentation issue Contribution guidelines