Certificate chain management
Perform the following tasks when you assign certificate chains to apps for more authentication:
| Task | Description |
| Obtain certificates |
Website owners typically obtain certificates chains from trusted Certificate Authorities (CA) (for example digicert). Okta doesn't endorse any specific certificate provider. |
| Add and delete certificate chains | Upload certificate chain to Access Gateway for with apps. |
| Manage CRL settings | Certificates can be revoked. Access Gateway manages the certificate revocation life-cycle using the using the Access Gateway Management console |
| Define application certificate chain behavior | Associate certificate chain with an app and define the desired app behavior. |