- The submenu Certificates is arranged in tabs. Each tab is dedicated to a specific type of globally stored certificate:
- Tab Server Certificates – lists of server certificates for virtual hosts. Certification authority (CA) chain, private keys, and root CA are also stored here.
- Tab ACME Services – list of ACME services for automatic certificate management.
- Tab Client Certificates – lists client certificates for back-ends. Certification authority (CA) chain, private keys, and root CA are also stored here.
- RSA and ECC certificates are supported.
- For Subject Alternative Name (SAN) certificates the domains covered by the SAN certificate are listed in the column Alternative Names. The domain names are also displayed wherever global certificates can be selected from a drop-down list.
Test certificates are generated during the initial installation and set-up of your Airlock Gateway. Add the final certificates for production use.
While the own Airlock Gateway and the back-ends can be configured with self-signed certificates, the certificates which are used for virtual hosts should be issued by well-trusted certificate authorities (CAs).