Manage certificates and certificate chains

Access Gateway uses certificates in several ways, including:

  • Providing trust relationships between a browser and Access Gateway on behalf of a protected web resource, such as a back-end application.
  • Authenticate requests using client certificate chains.
  • TLS termination and more.

The following pages describe how to use Access Gateway to manage certificates, manage certificate chains, associate certificates with back-end applications and define certificate chain-based authentication.

Access Gateway uses two interfaces to manage certificates and certificate chains, as well as associate certificate and certificate validation behavior with applications.

  • The Access Gateway Management console to manage certificates and certificate chains.
  • The Access Gateway Admin UI console to associate certificates with a back-end protected web resource and define certificate chain behavior.

When certificates are uploaded in the Access Gateway Management console, they aren't synced with the worker nodes until they're associated with an application and the application is then saved. The application must also be updated whenever the associated certificate is updated in the Access Gateway Management console.

See Certificate management for details of obtaining, uploading, and associating certificates with back end protected web resources.

See Certificate chain management for details managing certificate chains, assigning certification chain validation to applications, and related topics.