How Do Server Certificates Work?

1. Certificate Issuance

• A server will generate a Certificate Signing Request (CSR) file and a private key file.
• The CSR file will be sent to a Certificate Authority (CA).
• The CA verifies the server's identity and issues a server certificate.

2. Installation on the VALT Server

• The server installs the certificate along with the private key and the CA's root/intermediate certificates.

3. Client Requests a Secure Connection

• When a client (browser) tries to connect to the server, it will present its certificate.

4. Certificate Validation

• The client checks if the certificate is valid (not expired, issued by a trusted CA, and matches the domain).
• If valid, the server and client establish an encrypted connection using TLS.
• If not valid, the browser will show an error message.

5. Secure Data Transmission

• Once validated, encrypted data is exchanged securely.

What is Expected of Me?

1. An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file)
2. Once you have the certificate in hand, you will work with one of our Support Engineers to install the certificate alongside the private key and the CA's root/intermediate certificates.
3. The Support Engineer will ensure proper system functionality after the certificate is installed

Supported Certificates Types with VALT

• Single Certificate with Subject Alternative Names (SANs)
• Wildcard Certificate