Sign certificates

Any certificate will only be published on a device after it has been signed, either through a Certificate Authority (CA) or self-signed. The signature guarantees that the device is indeed who it claims to be.

After making the request,  the requisition appears listed with the Generated status. From this status, it is possible to request a subscription.

A certificate can be self-signed or signed by a CA:

• Self-signed: recommended for devices communicating only with others on the same network. Use for devices that recognize each other and can certify the signature of the other as valid because they trust each other's authenticity.
• Signed by a CA: recommended for devices that communicate with others outside your network. As there is no established trust relationship between the devices, both rely on the signature of a known CA with authority to say that the device is who it claims to be.

To sign a certificate:

1. Go to Certificate Manager➔Certificate➔Requests.

2. Search for the certificate you want to sign.

3. In the Action column, click the (⁝) icon and select Request signature.

3. Select whether the certificate will be Self-signed or not.

5. If the answer is No, select the CA to sign the certificate.

6. In Justification, describe why you want to sign the certificate.

7. Then select the Reason for the certificate signature.

8. If you wish, add the Governance code. This code can be any code that the user wants to add to help with internal organization/location.

9. Save.