Managing TLS certificates

Processing messages transmitted over encrypted TLS connections requires a TLS certificate. When you create a cluster, the application automatically creates a self-signed certificate and uses is as the active certificate. This certificate is displayed in the table of TLS certificates as Default Cert.

If you do not want to use this default certificate, you can add one or more TLS certificates and make one of the added certificates active. The other certificates are displayed in the table with the switch turned off. You can make a different certificate active at any time.

You can use certificates of the following types:

A comparison of certificate types supported by the application is provided in the following table.

Comparison of supported certificate types

Property

Self-signed

CSR-based

PFX

Must use a certification authority

No

Yes

Yes

The private key of the certificate is stored outside of the cluster

No

No

Yes

Can manually configure the certificate

Can populate only some fields

Can populate only some fields

Yes

In this section

Adding a self-signed certificate

Adding a CSR-based certificate

Adding a PFX certificate

Viewing certificate information

Making a certificate active

Downloading a certificate

Deleting a certificate

Page top