About Client Certificates

This section covers the following:

1 Generating a Client Certificate
2 Viewing Client Certificates
3 Downloading Client Certificates

You can generate client certificates for a Grid Master or a Grid Master candidate, and then send it to another server, such as a Hardware Security Module (HSM).

Generating a Client Certificate

To generate a client certificate:

Grid: From the Grid tab, select the Grid Manager tab.
Grid Master Candidate: From the Grid tab, select the Grid Manager tab -> Members tab -> member checkbox.
From the Toolbar, click Certificates -> Client Cert -> Generate Client Certificate, and select either RSASHA1 or RSASHA256.
- If you are generating a certificate for an HSM group with Thales Luna 4 devices, you must select RSASHA1; and if the certificate is for an HSM group with Thales Luna 5 or Luna 6 devices, select RSASHA256.

The appliance displays a confirmation dialog after it generates the certificate. If a certificate had been previously generated, the appliance displays a dialog warning that if the previous certificate was registered with a server, then the new certificate must be registered with the server.

Viewing Client Certificates

To view the client certificates that were generated:

Grid: From the Grid tab, select the Grid Manager tab.
Grid Master Candidate: From the Grid tab, select the Grid Manager tab -> Members tab -> member checkbox.
From the Toolbar, click Certificates -> Client Cert -> View Client Certificate, and select either RSASHA1 or RSASHA256.

The appliance displays the selected certificate.

Downloading Client Certificates

To download a client certificate:

Grid: From the Grid tab, select the Grid Manager tab.
Grid Master Candidate: From the Grid tab, select the Grid Manager tab -> Members tab -> member checkbox.
From the Toolbar, click Certificates -> Client Cert -> Download Client Certificate, and select either RSASHA1 or RSASHA256.
Save the certificate.