Managing Certificate Lifecycle

Enroll

Stream’s RA is not supposed to be a comprehensive registration authority and should only be used when necessary. This simple RA is made for "on the fly" generation only. If you want more advanced RA features to manually enroll certificates, you should consider using Horizon’s Web RA.

To enroll a certificate via Stream:

1. Log in to the Stream Administration Interface.

2. Go to Certificates > Enroll. You’ll be prompted to fill the following information:

  • CA (select) : The CA that will issue the certificate. The CA must be managed by Stream;

  • Template (select) : The Stream certificate template to use to issue the certificate;

  • CSR type : Whether the CSR to sign is in a dedicated file (File option) or in the clipboard (Text option);

  • CSR field : The CSR to sign (file or PEM-string).

3. Click the Enroll button.

Your certificate should now be visible in the Stream search engine.

Revoke

To revoke a certificate in Stream:

1. Log in to the Stream Administration Interface.

2. Go to Certificates > Search then find the certificate you want to revoke.

3. Click revoke_certificate on the certificate you want to revoke. Alternatively, you can click on the certificate’s DN then click Action > Revoke.

Your certificate status should turn red.

Search

To search for certificates in Stream, log in to the Stream Administration Interface and then go to Certificates > Search.

Here are all the search criteria you can use:

  • CA: the issuing certificate authority

  • Status: the validity status of the certificate (valid, revoked or expired)

  • Template: the certificate template the certificate has been enrolled on

  • Certificate DNs: information regarding the certificate’s DNs

  • Expiration date: the date when the certificate will expire

  • Issuer: information regarding the certificate issuer’s DNs

  • Serial: the certificate’s serial number

You can combine any number of them to refine your search.