Skip to main content
Skip table of contents

Certificate Operations

With a certificate imported into Signum a user with the correct permissions has the ability to access Quick Action buttons as well as view the overall status of the certificate described below.

image-20240604-064136.png

Certificate Status

Name

Status

Usage Count

Last Use

Groups

Policies

Valid To

The Alias of the Certificate

Quick at a glance status of the Certificate including:

  • Is the Certificate enabled for use?

  • Is there an Owner for the Certificate?

  • Is there a PIN associated with the Certificate?

  • Is there a reason required when using the Certificate?

The number of times the certificate has been used for signing.

The last time and date of use (in UTC).

The certificate groups this certificate is associated with.

The policies this certificate has been assigned to.

Certificate Expiration Date.

image-20240604-064332.png

Certificate Quick Action Buttons

With a certificate imported into Signum, a user with the correct permissions has the ability to access the Quick Actions by clicking on the actions button of the certificate and selecting the appropriate option.

Quick Action Icon

Description

Enable / Disable

An enabled certificate is available to be used by owners or based on assigned policies. A disabled certificate cannot be used regardless of any policies or ownership.

Download

Downloads the certificate as a .cer file.

CSR / Renew

Choosing to Renew a certificate will again bring up the Generate CSR Wizard ( see Generating a Request ). The old certificate will continue to be available for use until the new certificate is imported against the new request. This method allows for easy mapping of existing policies and configurations when keys need to be renewed.

Delete

Permanently deletes the certificate and associated private key material.

From the Certificates view it is also possible to perform actions on individual or multiple certificates by selecting the checkbox either next to the certificate or on the table header.

image-20240604-064717.png

Certificate Actions

Quick Action Icon

Description

image-20240604-065049.png / Add Groups

Adds a certificate to the selected certificate groups. To perform this function, the user needs to have the role permission assigned to add to certificate groups see Creating a Role for more information.

image-20240604-065147.png / Remove Groups

Removes a certificate from the selected certificate groups. To perform this function, the user needs to have the role permission assigned to remove certificates from groups see Creating a Role for more information. Only the Signum Administrator can remove all group assignments from a certificate.

image-20240604-065201.png / Enable Certificates

An enabled certificate is available to be used by owners or based on assigned policies.

image-20240604-065213.png / Disable Certificates

A disabled certificate will be inaccessible to the Signum Agents for signing. Even if the authenticated user is the “Owner” of the certificate, none of the remote Agents will be able to access the certificate.

image-20240604-065225.png / Delete Certificates

Permanently deletes the certificate and associated private key material.

Certificate Detail View

Additional options for managing and viewing details about individual certificates can be found by selecting the certificate from the Certificates tab.

image-20240604-065545.png

Individual Certificate View

General

Description

Certificate Alias

The “name” of the certificate in Signum, can be different from the certificate CN value.

Owner

The Owner of a certificate will be able to access the certificate superseding any configured policies.

Usage Count

The total number of times the certificate has been used for signing.

Status

The current status of the certificate (enabled vs disabled).

Description

Optional field to enter additional metadata information about the certificate.

Ask for a reason when used

Will prompt desktop users with a pop-up of the Signum Windows Agent to enter a reason when using a certificate to sign something.

Always ask for PIN

Will prompt desktop users with a pop-up of the Signum Windows Agent to enter a PIN to use the certificate to sign something. Checking this box will bring up a field to enter the PIN for the certificate. Currently PINs can only be set per certificate.

image-20240604-065905.png

Certificate Associates/Related View

Associates

Description

Certificate Groups

Which certificate groups this certificate is in.

Related Policies

What policies are assigned to this certificate.

Associated Users

Users that are associated with this certificate because they are included in a policy with this certificate.

Associted User Groups

User groups (locally in Signum or from an IDP) that are associated with this certificate because they are included in a policy with this certificate.

The Details and X.509 Attributes sections include additional detailed information about the certificate properties including things like the serial number, thumbprint, issuer, extended key usage, etc.

image-20240604-070113.png

Certificate Details View

image-20240604-070231.png

Certificate X.509 Attributes View

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.