Smart card certificate chains

When creating a Smart card identity provider, you must provide a certificate chain. Certificate chains can be built directly by adding individual certificates in Edit Identity Provider dialog.
This page describes how add certificates and build a certificate chain for a Smart card identity provider. In addition, this page also describes how to discard a previously added certificate chain.

Topics

Create certificate chain

Important Note

Certificates must be in Privacy Enhanced Mail (PEM) or Distinguished Encoding Rules(DER) format.
There can be multiple certificates in a single file but they must all be in the same format.
Certificates may be in different formats, but files with multiple certificates must all be in the same format.

In the Edit Identity Provider dialog

  1. If required:
    1. In the Admin Console, navigate to Security >Identity Providers.
    2. On the row containing the Identity provider, click Configure.
  2. Add client, intermediate, and root certificates:
    1. Click browser files.
      An operating system specific file chooser dialog will display.
    2. Navigate to the directory containing the certificate and select the file.
    3. Click (+) Add another to add additional certificate files.
  3. Click Build Certificate Chain to build a complete chain from all uploaded files.
  4. If required, correct any errors.
  5. Click Update Identity Provider or Cancel to abort.

The new certificate chain is then displayed and other elements of the Identity provider may be updated.

Reset certificate chain

A completed certificate chain can be discarded.

To discard an existing certificate chain:

  1. If required:
    1. In the Admin Console, navigate to Security >Identity Providers.
    2. On the row containing the Identity provider, click Configure.
  2. Click Reset Certificate Chain.
The certificate chain is removed and the Identity provider appears as if no certificate chain was previously added.

Related topics

Add a Smart Card identity provider

Expressions and examples