Certificate Management

Overview

mLTS (Mutual Transport Layer Security) certificates add an extra layer of security on top of other integrations. You can link mTLS certificates to most service authentication types available on the Services Administration page. To add certificates to your environment, though, you'll use Certificate Management.

NOTE  Some authentication types don't support using mTLS certificates. These include: Canada Post, Decryption (GPG), Encryption (GPG), FTP, Google Places, HMAC, Plaid, SFTP, and Twilio.

From Certificate Management, you can easily add, view, and manage mTLS certificates in your environment, using the certificate dashboard. After adding a certificate to your environment, you have a few options for how and where to link services to the certificate:

  • Linking services when adding a certificate to the certificate dashboard.

  • Editing a certificate in the certificate dashboard to link new services.

  • Linking a certificate to a service when adding the service in Services Administration.

  • Editing a service in Services Administration to link a new certificate.

What You'll Learn

In this article, you'll learn how to:

The Certificate Dashboard

The certificate dashboard is where you'll add, review, and manage certificates in your environment. Here's an example of a certificate dashboard with several certificates:

From the certificate dashboard, you can gather some useful information at a glance, including:

Column Column Description

Name

The certificate's name.

TIP  Certificate names are customizable labels you'll set when adding the certificate.

Number of services

How many services are linked to the certificate.

TIP  You can link one certificate to several services. However, you can only link each service to one certificate at a time.

Issue date

The certificate's issue date.

Expiration date

The certificate's expiration date.

Status

The certificate's status:

  • Active

  • Expires soon

  • Expired

Actions

From the Manage drop-down, you can view, edit, or delete a certificate.

To access the certificate dashboard:

1. Click the Settings drop-down at the top right of the Unqork Designer Platform.
2. Click Administration.
3. Under Integration, select Certificate Management.

Adding a Certificate and Linking Services to the Certificate

The first step to link a certificate to services is to add the certificate to your certificate dashboard.

NOTE  The following instructions cover how to add an mTLS certificate and link services to it. You can also set up a certificate without linking services to it. After completing the required fields in the Mutual TLS Info tab, click Next. Then, without attaching any services on the Attach Services tab, click Add Certificate.

TIP  The certificate must be in PFX (personal information exchange) format to be valid. You can validate the format using an IDE (integrated development environment) text and code editor. To learn more about generating a certificate or converting a certificate's format, search Generating a PFX Certificate Bundle for mTLS in our In-Product Help.

To add a certificate to the certificate dashboard:

1. Click the Settings drop-down at the top right of the Unqork Designer Platform.
2. Click Administration.
3. Under Integration, select Certificate Management.
4. Click + New Certificate. The certificate configuration modal opens.
5. Enter a name for your certificate in the Certificate Title field.

NOTE  Certificate names must be unique.

6. Copy and paste the contents of the mTLS certificate into the PFX or PKCS12 Encoded (hex) Private Key and Certificate Chain field.  
7. Copy and paste the certificate password into the PFX Passphrase field, if required.

8. Click Next.
9. From the Attach Services drop-down, select the service(s) to link to your certificate.

NOTE  Services must be set up in Services Administration to show in the Attach Services drop-down.

TIP  You can link one certificate to several services. However, each service can only be linked to one certificate at a time.

10. Click Add Services.

11. Click Add Certificate.

Linking Services to a Certificate from Services Administration

You can also link services to a certificate directly from the Services Administration page. You can do this while initially adding your new service. Or, you can add a certificate to an existing service.

To link a certificate to a service, from Services Administration:

1. Click the Settings drop-down at the top right of the Unqork Designer Platform.
2. Click Administration.
3. Under Integration, select Services Administration.
4. From the Active Services list, select an existing service. Or, configure a new service.

TIP  To learn how to add a new service to the Services Administration list, search Services Administration in our In-Product Help.

5. Select the Enable Mutual TLS checkbox.
6. From the Certificates drop-down, select a certificate.

7. Click Save Changes or Add Service.

Viewing a Certificate and its Linked Services

After adding a certificate, it's useful to review the certificate's details. For example, checking what services are linked to the certificate.

To view a certificate:

1. Click the Settings drop-down at the top right of the Unqork Designer Platform.
2. Click Administration.
3. Under Integration, select Certificate Management.
4. In the certificate dashboard, find the certificate to view.
5. Under the Actions column, click Manage.
6. From the Manage drop-down, select Edit. The certificate configuration modal opens.

7. Select the Attach Services tab to view the list of linked services.
8. Click Done.

Editing a Certificate and its Linked Services

At some point you might need to edit the certificate's details. For example, changing the certificate's title, or editing the list of services linked to the certificate. You view and edit certificates from the same certificate configuration modal. However, to edit your certificate you need to intentionally enable editing.

To edit a certificate:

1. Click the Settings drop-down at the top right of the Unqork Designer Platform.
2. Click Administration.
3. Under Integration, select Certificate Management.
4. In the certificate dashboard, find the certificate to edit.
5. Under the Actions column, click Manage.
6. From the Manage drop-down, select Edit. The certificate configuration modal opens.
7. Set the Edit toggle to ON.

8. Make changes to the certificate's settings as needed.
9. Select the Attach Services tab to view the list of linked services.

10. Make changes to the list of linked services as needed.

TIP  To delete a linked service, click the  (trash can) icon in that service's row of the list. To link a new service, follow the steps in the Adding a Certificate and Linking Services to the Certificate section.

11. Click Save.

Deleting a Certificate

Whether a certificate has expired or is no longer needed, you'll need to delete certificates from your certificate dashboard at some point.

WARNING  Deleting certificates is permanent and irreversible. Any services linked to the deleted certificate lose their certificate. You can manually link the services to a different certificate later.

To delete a certificate:

1. Click the Settings drop-down at the top right of the Unqork Designer Platform.
2. Click Administration.
3. Under Integration, select Certificate Management.
4. In the certificate dashboard, find the certificate to delete.
5. Under the Actions column, click Manage.
6. From the Manage drop-down, select Delete.
7. At the confirmation message, click Yes, Remove.