4.10. Certificates

The keystore is the page where you can modify the keystore specific to your account. Each Babelway account environment has its own keystore and is able to add or remove certificates without affecting other users.

A key is private information that is only known by your account environment and may not be shared with others. It holds the secret that only you can know to decrypt messages sent to you.

A certificate is public information that can be shared with others and be known by anyone. It allows them to verify that your signature could only have been generated with the key corresponding to the certificate.

Key/Certificate pairs can be self-signed but are usually generated by certificate authorities such as Thawte Consuting, Verisign Inc.,Comodo CA Limited….etc

Each certificate entry in the table below can be downloaded in various formats, or revoked. These options are available on the certificate's detail page, accessible by clicking on a table entry.

Trusted Certificates

Figure 4.266. Trusted Certificates


Your Certificates

Figure 4.267. Your Certificates


Certificate Update

Figure 4.268. Certificate Update


Certificates

This section lists all key/certificate pairs that are currently in your keystore. They are typically used to sign outgoing messages or decrypt incoming messages. In order to share the certificate with your partner, you can download the certificate by clicking on it to access its details page. Then, use the Download link. Note that the downloaded file will never include your private key and only contain your public certificate.

You can add a new key/certificate pair using a PKCS12 file under the Add new Certificate section.

Trusted certificates

This is the list of trusted certificates currently in your keystore. A trusted certificate corresponds to the public certificate of one of your partners.

You can add a new trusted certificate by using an https URL. In this case, the certificate linked to the HTTPS page will be trusted. You can also add a new trusted certificate using the certificate file provided by your partner.

In each case, you can select to trust the root of the given certificate. If you choose to do so, all certificates generated by the certificate authority will be trusted.

Note: A deployment is required after updating a certificate or adding new certificate in order to push this changes to production.

The supported certificates in the Babelway system are (DER encoded binary X.509 ".CER", Base-64 encoded X.509 ".CER", PKCS #7 Certificates ".P7B", .CRT).

To read more about Https gateway See Http Client Gateway Out