Certificate Operations
With a certificate imported into Signum a user with the correct permissions has the ability to access Quick Action buttons as well as view the overall status of the certificate described below.
Name | Status | Usage Count | Last Use | Groups | Policies | Valid To |
---|---|---|---|---|---|---|
The Alias of the Certificate | Quick at a glance status of the Certificate including:
| The number of times the certificate has been used for signing. | The last time and date of use (in UTC). | The certificate groups this certificate is associated with. | The policies this certificate has been assigned to. | Certificate Expiration Date. |
With a certificate imported into Signum, a user with the correct permissions has the ability to access the Quick Actions by clicking on the actions button of the certificate and selecting the appropriate option.
Quick Action Icon | Description |
---|---|
Enable / Disable | An enabled certificate is available to be used by owners or based on assigned policies. A disabled certificate cannot be used regardless of any policies or ownership. |
Download | Downloads the certificate as a .cer file. |
CSR / Renew | Choosing to Renew a certificate will again bring up the Generate CSR Wizard ( see Generating a Request ). The old certificate will continue to be available for use until the new certificate is imported against the new request. This method allows for easy mapping of existing policies and configurations when keys need to be renewed. |
Delete | Permanently deletes the certificate and associated private key material. |
From the Certificates view it is also possible to perform actions on individual or multiple certificates by selecting the checkbox either next to the certificate or on the table header.
Quick Action Icon | Description |
---|---|
/ Add Groups | Adds a certificate to the selected certificate groups. To perform this function, the user needs to have the role permission assigned to add to certificate groups see Creating a Role for more information. |
/ Remove Groups | Removes a certificate from the selected certificate groups. To perform this function, the user needs to have the role permission assigned to remove certificates from groups see Creating a Role for more information. Only the Signum Administrator can remove all group assignments from a certificate. |
/ Enable Certificates | An enabled certificate is available to be used by owners or based on assigned policies. |
/ Disable Certificates | A disabled certificate will be inaccessible to the Signum Agents for signing. Even if the authenticated user is the “Owner” of the certificate, none of the remote Agents will be able to access the certificate. |
/ Delete Certificates | Permanently deletes the certificate and associated private key material. |
Certificate Detail View
Additional options for managing and viewing details about individual certificates can be found by selecting the certificate from the Certificates tab.
General | Description |
---|---|
Certificate Alias | The “name” of the certificate in Signum, can be different from the certificate CN value. |
Owner | The Owner of a certificate will be able to access the certificate superseding any configured policies. |
Usage Count | The total number of times the certificate has been used for signing. |
Status | The current status of the certificate (enabled vs disabled). |
Description | Optional field to enter additional metadata information about the certificate. |
Ask for a reason when used | Will prompt desktop users with a pop-up of the Signum Windows Agent to enter a reason when using a certificate to sign something. |
Always ask for PIN | Will prompt desktop users with a pop-up of the Signum Windows Agent to enter a PIN to use the certificate to sign something. Checking this box will bring up a field to enter the PIN for the certificate. Currently PINs can only be set per certificate. |
Associates | Description |
---|---|
Certificate Groups | Which certificate groups this certificate is in. |
Related Policies | What policies are assigned to this certificate. |
Associated Users | Users that are associated with this certificate because they are included in a policy with this certificate. |
Associted User Groups | User groups (locally in Signum or from an IDP) that are associated with this certificate because they are included in a policy with this certificate. |
The Details and X.509 Attributes sections include additional detailed information about the certificate properties including things like the serial number, thumbprint, issuer, extended key usage, etc.