- 4 minutes to read
- Print
- DarkLight
- PDF
How to sign a DigiCert certificate on senhasegura
- 4 minutes to read
- Print
- DarkLight
- PDF
This document details the signing process of a DigiCert certificate on senhasegura, since the creation of the certificate authority until the revogation of the certificate.
Requirements
- A DigiCert account with proper permissions.
- A credit card valid to buy the certificate.
- A domain available to validate the certificate.
Configure DigiCert on senhasegura
To configure DigiCert on senhasegura, you need your DigiCert user details.
- Access DigiCert, and log in to your account.
- Click Account > User to find your user details, even your username.
Create a Certificate Authority on senhasegura
- On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Certificate Manager.
- In the side menu, select Configurations > Authorities.
- In the Action menu, represented by the three vertical dots, select New.
- In the opened window, choose DigiCert's CA.
- In the username field, enter your username.
Generate an API Key
- Access DigiCert, and log in to your account.
- In your DigiCert account, go to Automation > API Keys.
- Click Add API Key to create a new key to your user.
Get the Account ID
- Use the API Key generated on the previous step to access DigiCert's Account API.
- The response of the API will be an
JSON
with your Account ID. - Enter the data on senhasegura, filling the Certificate Authority fields with the obtained API Key and Account ID.
- Click Save.
Create an organization on senhasegura
- On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Certificate Manager.
- In the side menu, select Certificates > Organizations.
- To create a new organization, click the Actions menu, represented by the three vertical dots, and select New.
- Enter the organization's data, including, at least, one contact in the Contacts tab, this information will be used afterwards.
- Save the settings.
Generate a Certificate Signing Request (CSR)
On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Certificate Manager.
In the side menu, select Certificates > Requests.
To create a new CSR, click New.
Enter the following certificate information:
- Type of certificate.
- Type of domain.
- Organization: Select the organization created previously. (For example: MT4 Tecnologia LTDA).
- Common Name: Enter the domain to be protected by the certificate. (For example:
www.yourdomain.com
).
CautionThis domain must be accessible on the Internet for validation purposes.
- Expiration (in days): For test purposes, select the 7 days options to reduce costs.
- Encryption algorithm: Choose between RSA and DSA. For this example, we will use RSA.
- Length of the cryptographic key: Choose between 4096, 2048, and 1024. For this example, we will use 4096.
- Certificate Signature Algorithm: Choose between SHA256, SHA384, and SHA512. For this example, we will use SHA256.
InfoData related to the RapidSSL Standard DV certificate valid for up to 7 days costs $1.13.
- Additional configuration: Select the option to use the previously created CA.
Save all configurations.
Add funds in DigiCert
- In your DigiCert account, access your financial section in Finances > Deposit Funds.
- Add funds.
- Select the desired certificate type.
- Enter the required value.
The RapidSSL Standard DV certificate valid for up to 7 days costs $1.
- Enter your credit card data, and click Submit.
Sign CSR
- On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Certificate Manager.
- In the side menu, select Certificates > Requests, and find the CSR created previously.
- Click the Actions menu, represented by the three vertical points, and request the CSR sign by clicking Request signature.
- In the General tab, enter the system data.
- In the Additional information tab, enter the CA information to sign the certificate.
- Choose the desired type of domain validation. (For example: DNS TXT).
- Click Save.
- DigiCert will generate a request, and the certificate will be as Waiting Signature.
Validate the domain
- In your DigiCert account, access the buying order in Certificates > Orders.
- Find the order, and click the number of your buying order.
- Go to Prove control over domains.
- DigiCert will generate a unique
TXT
code to validate your domain. Copy this code. - Create a new
TXT
in your domain. - Access the DNS configurations in your domain.
- Create a new
TXT
registry with the code from the previous step. - Wait for the DNS propagation.
The DNS propagation can take some time to finish.
- Verify the domain.
- In the DigiCert page, click Check site so DigiCert validates your domain.
- Wait for the certificate to be issued.
After the validation of your domain, the certificate will be issued by DigiCert, and will be available on senhasegura after a couple of minutes.
Revoke the certificate (if necessary)
- On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Certificate Manager.
- In the side menu, select Certificates > Action > Revoke certificate, and find the certificate you want to revoke.
- A request will be sent to DigiCert.
Approve the revoke request in DigiCert
- In your DigiCert account, and go to Certificates > Requests.
- You will see a revoke request pending.
- Approve the request to revoke the certificate.
- After approval, the status of the certificate on senhasegura will be changed to Revoked.
Do you still have questions? Reach out to the senhasegura Community.