Certificate chain management tasks

Assigning certificate chains to applications for additional authentication includes the following tasks:

Task Description Related Topic(s)
Obtain certificate
  • Website owners typically obtain certificates chains from trusted Certificate Authorities (CA), such as digicert.  
    Okta does not endorse any specific certificate provider.
  • See also Obtain certificates
    Upload certificate chains After obtaining a certificate chain it must be uploaded to Access Gateway for with applications.
    Certificates chains are uploaded using the Access Gateway Management console.
    See add certificate chains in Certificate chain operations. See also delete a certificate chain.

    Manage CRL lifecycle

    Certificates can be revoked. Access Gateway manages the certificate revocation life-cycle using the using the Access Gateway Management console

    See Manage CRL settings in Certificate chain operations

    Define application certificate chain behavior After uploading a certificate chain the chain must be associated with an application using application behaviors. On associated requests will immediately use the certificate chain for authentication and behave according to the selected behavior.

    See Client Certificate Validation in Manage application behaviors

    Related topics

    About client certificate validation behavior

    Certificate chain operations

    Client Certificate Validation