Difference between revisions of "Certificates"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) |
||
| Line 10: | Line 10: | ||
<h2>1. Certificate Issuance</h2> | <h2>1. Certificate Issuance</h2> | ||
| − | * | + | *A server will generate a '''Certificate Signing Request (CSR)''' file and a '''private key''' file. |
*The CSR file will be sent to a '''Certificate Authority (CA)'''. | *The CSR file will be sent to a '''Certificate Authority (CA)'''. | ||
*The CA verifies the server's identity and issues a '''server certificate'''. | *The CA verifies the server's identity and issues a '''server certificate'''. | ||
<h2>2. Installation on the VALT Server</h2> | <h2>2. Installation on the VALT Server</h2> | ||
| − | * | + | *The server installs the certificate along with the private key and the CA's root/intermediate certificates. |
<h2>3. Client Requests a Secure Connection</h2> | <h2>3. Client Requests a Secure Connection</h2> | ||
| − | *When a client (browser) tries to connect to the | + | *When a client (browser) tries to connect to the server, it will present its certificate. |
<h2>4. Certificate Validation</h2> | <h2>4. Certificate Validation</h2> | ||
| Line 27: | Line 27: | ||
<h2>5. Secure Data Transmission</h2> | <h2>5. Secure Data Transmission</h2> | ||
*Once validated, encrypted data is exchanged securely. | *Once validated, encrypted data is exchanged securely. | ||
| + | |||
| + | {{hr}} | ||
| + | {{hr}} | ||
| + | |||
| + | <h1>What is Expected of Me?</h1> | ||
| + | <ol> | ||
| + | <li>An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file)</li> | ||
| + | <li>Once you have the certificate in hand, you will work with one of our Support Engineers to install the certificate alongside the private key and the CA's root/intermediate certificates.</li> | ||
| + | <li>The Support Engineer will ensure proper system functionality after the certificate is installed</li> | ||
| + | </ol> | ||
{{hr}} | {{hr}} | ||
| − | < | + | <h1>Supported Certificates Types with VALT</h1> |
*'''Single Certificate with Subject Alternative Names (SANs)''' | *'''Single Certificate with Subject Alternative Names (SANs)''' | ||
*'''Wildcard Certificate''' | *'''Wildcard Certificate''' | ||
| + | {{Aside - Warning | hue = 50 | content = Certificates can be provided in PEM or PFX (or PKCS12) format.}} | ||
}} | }} | ||
Revision as of 17:21, 3 March 2025
Contents
Certificates
⚠IVS is not responsible for maintaining the renewal of certificates that may be installed on your system. We are happy to work with you to provide you with a CSR file or to install the renewed certificate on your VALT system when it is needed. We recommend that all customers setup a reminder to renew the certificate at least a week prior to certificate expiration.
A certificate is a digital file that is used to establish a secure connection between a client and a server (e.g., VALT). It is a key part of SSL/TLS encryption, ensuring that data transmitted between the two parties is encrypted and that the server is authentic.
How Do Server Certificates Work?
1. Certificate Issuance
- A server will generate a Certificate Signing Request (CSR) file and a private key file.
- The CSR file will be sent to a Certificate Authority (CA).
- The CA verifies the server's identity and issues a server certificate.
2. Installation on the VALT Server
- The server installs the certificate along with the private key and the CA's root/intermediate certificates.
3. Client Requests a Secure Connection
- When a client (browser) tries to connect to the server, it will present its certificate.
4. Certificate Validation
- The client checks if the certificate is valid (not expired, issued by a trusted CA, and matches the domain).
- If valid, the server and client establish an encrypted connection using TLS.
- If not valid, the browser will show an error message.
5. Secure Data Transmission
- Once validated, encrypted data is exchanged securely.
What is Expected of Me?
- An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file)
- Once you have the certificate in hand, you will work with one of our Support Engineers to install the certificate alongside the private key and the CA's root/intermediate certificates.
- The Support Engineer will ensure proper system functionality after the certificate is installed
Supported Certificates Types with VALT
- Single Certificate with Subject Alternative Names (SANs)
- Wildcard Certificate
⚠Certificates can be provided in PEM or PFX (or PKCS12) format.
