Difference between revisions of "Certificates"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) |
||
| (10 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | {{Article | | + | {{Article - Manual | content = |
| − | {{Aside - Warning | content = IVS is not responsible for maintaining the renewal of certificates that may be installed on your system. We are happy to work with you to provide you with a CSR file or to install the renewed certificate on your VALT system when it is needed. ''We recommend that all customers | + | <h1>Certificates</h1> |
| + | {{Aside - Warning | content = IVS is not responsible for maintaining the renewal of certificates that may be installed on your system. We are happy to work with you to provide you with a CSR file or to install the renewed certificate on your VALT system when it is needed. ''We recommend that all customers set up a reminder to renew the certificate at least a week prior to certificate expiration.''}} | ||
<div class="floating_card"> | <div class="floating_card"> | ||
A certificate is a digital file that is used to establish a secure connection between a client and a server (e.g., VALT). It is a key part of SSL/TLS encryption, ensuring that data transmitted between the two parties is encrypted and that the server is authentic.</div> | A certificate is a digital file that is used to establish a secure connection between a client and a server (e.g., VALT). It is a key part of SSL/TLS encryption, ensuring that data transmitted between the two parties is encrypted and that the server is authentic.</div> | ||
| + | |||
| + | {{hr}} | ||
| + | |||
| + | |||
| + | <center>[https://valt.wistia.com/medias/jl4s9k90xq ▶️ Watch our brief video on this topic!]</center> | ||
| + | |||
{{hr}} | {{hr}} | ||
<h1>How Do Server Certificates Work?</h1> | <h1>How Do Server Certificates Work?</h1> | ||
| + | |||
| + | {{hr - 2}} | ||
<h2>1. Certificate Issuance</h2> | <h2>1. Certificate Issuance</h2> | ||
| − | *A | + | *A '''Certificate Signing Request (CSR)''' file and a '''private key''' file can be generated on your server. |
| + | {{Aside - Helpful | content = If you need <b>help getting a CSR</b>, contact the [https://ivs.help IVS Support Team].}} | ||
*The CSR file will be sent to a '''Certificate Authority (CA)'''. | *The CSR file will be sent to a '''Certificate Authority (CA)'''. | ||
*The CA verifies the server's identity and issues a '''server certificate'''. | *The CA verifies the server's identity and issues a '''server certificate'''. | ||
| + | |||
| + | {{hr - 2}} | ||
<h2>2. Installation on the VALT Server</h2> | <h2>2. Installation on the VALT Server</h2> | ||
| − | * | + | *Once you have the cert, it can be installed, along with the private key, and the CA's root/intermediate certificates. |
| + | {{Aside - Warning | hue = 50 | content = The VALT cert needs to be applied to multiple services. If it is applied to only the web application, full functionality will NOT be restored.}} | ||
| + | {{Aside - Helpful | content = If you are looking to <b>install your certs</b>, please contact the [https://ivs.help IVS Support Team].}} | ||
| + | |||
| + | {{hr - 2}} | ||
<h2>3. Client Requests a Secure Connection</h2> | <h2>3. Client Requests a Secure Connection</h2> | ||
*When a client (browser) tries to connect to the server, it will present its certificate. | *When a client (browser) tries to connect to the server, it will present its certificate. | ||
| + | |||
| + | {{hr - 2}} | ||
<h2>4. Certificate Validation</h2> | <h2>4. Certificate Validation</h2> | ||
| Line 24: | Line 42: | ||
*If valid, the server and client establish an encrypted connection using TLS. | *If valid, the server and client establish an encrypted connection using TLS. | ||
*If not valid, the browser will show an error message. | *If not valid, the browser will show an error message. | ||
| + | |||
| + | {{hr - 2}} | ||
<h2>5. Secure Data Transmission</h2> | <h2>5. Secure Data Transmission</h2> | ||
*Once validated, encrypted data is exchanged securely. | *Once validated, encrypted data is exchanged securely. | ||
| − | |||
{{hr}} | {{hr}} | ||
<h1>What is Expected of Me?</h1> | <h1>What is Expected of Me?</h1> | ||
<ol> | <ol> | ||
| − | <li>An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file)</li> | + | |
| − | <li>Once you have the certificate in hand, | + | <li>Schedule a 1-hour '''Support''' session with us over at our booking site.</li> |
| − | <li> | + | |
| + | <li>An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file).</li> | ||
| + | |||
| + | <li>Once you have the certificate in hand, we will install the certificate alongside the private key and the CA's root/intermediate certificates.</li> | ||
| + | |||
| + | <li>After installation of the certificate, the Support Engineer will ensure proper system functionality.</li> | ||
</ol> | </ol> | ||
| + | {{Aside - Helpful | content = Looking to contact the [https://ivs.help IVS Support Team]?}} | ||
{{hr}} | {{hr}} | ||
| Line 42: | Line 67: | ||
<h1>Supported Certificates Types with VALT</h1> | <h1>Supported Certificates Types with VALT</h1> | ||
| − | * | + | *Single Certificate with Subject Alternative Names (SANs) |
| − | * | + | *Wildcard Certificate |
{{Aside - Warning | hue = 50 | content = Certificates can be provided in PEM or PFX (or PKCS12) format.}} | {{Aside - Warning | hue = 50 | content = Certificates can be provided in PEM or PFX (or PKCS12) format.}} | ||
}} | }} | ||
Latest revision as of 14:29, 18 March 2025
Certificates
⚠IVS is not responsible for maintaining the renewal of certificates that may be installed on your system. We are happy to work with you to provide you with a CSR file or to install the renewed certificate on your VALT system when it is needed. We recommend that all customers set up a reminder to renew the certificate at least a week prior to certificate expiration.
A certificate is a digital file that is used to establish a secure connection between a client and a server (e.g., VALT). It is a key part of SSL/TLS encryption, ensuring that data transmitted between the two parties is encrypted and that the server is authentic.
How Do Server Certificates Work?
1. Certificate Issuance
- A Certificate Signing Request (CSR) file and a private key file can be generated on your server.
🕮If you need help getting a CSR, contact the IVS Support Team.
- The CSR file will be sent to a Certificate Authority (CA).
- The CA verifies the server's identity and issues a server certificate.
2. Installation on the VALT Server
- Once you have the cert, it can be installed, along with the private key, and the CA's root/intermediate certificates.
⚠The VALT cert needs to be applied to multiple services. If it is applied to only the web application, full functionality will NOT be restored.
🕮If you are looking to install your certs, please contact the IVS Support Team.
3. Client Requests a Secure Connection
- When a client (browser) tries to connect to the server, it will present its certificate.
4. Certificate Validation
- The client checks if the certificate is valid (not expired, issued by a trusted CA, and matches the domain).
- If valid, the server and client establish an encrypted connection using TLS.
- If not valid, the browser will show an error message.
5. Secure Data Transmission
- Once validated, encrypted data is exchanged securely.
What is Expected of Me?
- Schedule a 1-hour Support session with us over at our booking site.
- An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file).
- Once you have the certificate in hand, we will install the certificate alongside the private key and the CA's root/intermediate certificates.
- After installation of the certificate, the Support Engineer will ensure proper system functionality.
🕮Looking to contact the IVS Support Team?
Supported Certificates Types with VALT
- Single Certificate with Subject Alternative Names (SANs)
- Wildcard Certificate
⚠Certificates can be provided in PEM or PFX (or PKCS12) format.
