Possible operations

Search bar

Enter the name of a certificate, identity or authority in the search field to look for it.
All certificates, identities and authorities that match the character string entered will appear.

Example:

If you type “a” in the search bar, the list below it will show all certificates containing an “a”.

Filter

This button allows you to select the type of certificate to display and to view only items that are relevant to you. A drop-down menu offers the following choices:

  • "Filter: All": displays in the list on the left all existing authorities, identities and certificates,
  • "Filter: Certification authorities": displays in the list on the left all authorities and sub-authorities,
  • "Filter: User certificates": displays in the list on the left only user certificates and the authorities on which they depend,
  • "Filter: Server certificates": displays in the list on the left only server certificates and the CAs on which they depend,
  • "Filter: Smart card certificates": displays in the list on the left only smart card certificates and the CAs on which they depend,

Add

Add various items to the PKI with this button:

  • Root authority,
  • Sub-authority,
  • User identity,
  • Smart card identity,
  • Server identity.

And Import a file containing items from the above categories.

For further information on these operations, refer to the sections Adding a root authority, Adding a sub-authority, Adding a user identity, Adding a smart card identity, Adding a server identity and Importing a file.

Refer to the section Allowed names to find out which characters are allowed and prohibited in various fields.

Revoke

Use this button to remove an authority, sub-authority, identity or certificate from the PKI.

For further information on these operations, refer to the section Revoking an authority, sub-authority or certificate.

Actions

The possible actions vary according to the type of object selected in the list on the left:

  • Authority or sub-authority: Create CRL, Renew CRL, Remove CRL, Set as default.
  • User certificate: LDAP publication,
  • Any identity type (except imported identities): Remove private key and Protect with the TPM.

For further information on these operations, refer to Creating, renewing or removing a CRL, Removing the private key of an identity, Set as default and Publishing a certificate in the LDAP directory.

Download

With this button, you can download:

  • Certificates of authorities and sub-authorities,
  • CRLs of authorities and sub-authorities,
  • User certificates, smart card certificates and server certificates,
  • User identities, smart card identities and server identities.

For further information on these operations, refer to Downloading a certificate, Downloading an identity and Downloading a CRL.

Check usage

You can look for the features or modules that use the selected certificate, CA of sub-authority selected.