Certificate chain management tasks

Assigning certificate chains to applications for additional authentication includes the following tasks:

Task Description
Obtain certificates Website owners typically obtain certificates chains from trusted Certificate Authorities (CA), such as digicert.  
Okta does not endorse any specific certificate provider.
add certificate chain
delete a certificate chain
After obtaining a certificate chain it must be uploaded to Access Gateway for with applications.
Certificates chains are uploaded using the Access Gateway Management console.


Manage CRL settings

Certificates can be revoked. Access Gateway manages the certificate revocation life-cycle using the using the Access Gateway Management console

Define application certificate chain behavior After uploading a certificate chain the chain must be associated with an application using application behaviors.
On associated requests will immediately use the certificate chain for authentication and behave according to the selected behavior.

Related topics

About client certificate validation behavior

Certificate chain operations

Client Certificate Validation