Managing Certificate Lifecycle

Enroll

To enroll a certificate via Stream:

1. Log in to the Stream Administration Interface.

2. Go to OpenSSH > Enroll. You’ll be prompted to fill in the following information:

  • CA (select): The CA that will issue the certificate. The CA must be managed by Stream;

  • Template (select): The Stream certificate template to use to issue the certificate;

  • Public key type: Whether the key to sign is in a dedicated file (File option) or in the clipboard (Text option);

  • Public key field: The key to sign (file or PEM-string);

  • Principals field: The principals to sign the certificate for.

3. Click the Enroll button.

Your certificate should now be visible in the Stream search engine.

Revoke

To revoke a certificate in Stream:

1. Log in to the Stream Administration Interface.

2. Go to OpenSSH > Search then find the certificate you want to revoke.

3. Click the revoke_certificate icon on the certificate you want to revoke. Alternatively, you can click on the certificate’s DN, then click Action > Revoke.

Your certificate status should turn red.

Search

To search for certificates in Stream, log in to the Stream Administration Interface and then go to Certificates > Search.

Here are all the search criteria you can use:

  • CA: the issuing certificate authority

  • Template: the certificate template the certificate has been enrolled on

  • Status: the validity status of the certificate (valid, revoked or expired)

  • Valid after: the date after which the certificate will be valid

  • Valid before: the date when the certificate will expire

  • Key ID: the certificate’s key ID

You can combine any number of them to refine your search.
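To cross-check what Stream displays for an enrolled certificate, the Key ID, principals, Valid after and Valid before values can be read directly from the certificate file. This is an added example, not part of the Stream documentation or product code; it assumes an Ed25519 OpenSSH certificate, uses a constructed unsigned sample, and does not verify the CA signature.

```python
import base64, struct
from datetime import datetime, timezone

CERT_TYPE = b"ssh-ed25519-cert-v01@openssh.com"

def _string(buf, off):
    """Read one SSH 'string': uint32 length followed by that many bytes."""
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("truncated certificate")
    return buf[off + 4:end], end

def _when(ts):
    # 0 and 2**64-1 are the OpenSSH encodings for "no lower/upper bound".
    return None if ts in (0, 2**64 - 1) else datetime.fromtimestamp(ts, timezone.utc)

def parse_ed25519_cert(line):
    """Extract identity and validity fields; the CA signature is NOT checked."""
    blob = base64.b64decode(line.split()[1], validate=True)
    ktype, off = _string(blob, 0)
    if ktype != CERT_TYPE:
        raise ValueError("unsupported certificate type")
    _nonce, off = _string(blob, off)
    _pubkey, off = _string(blob, off)
    serial, ctype = struct.unpack_from(">QI", blob, off); off += 12
    key_id, off = _string(blob, off)
    packed, off = _string(blob, off)          # principals: nested list of strings
    principals, p = [], 0
    while p < len(packed):
        name, p = _string(packed, p)
        principals.append(name.decode())
    after, before = struct.unpack_from(">QQ", blob, off)
    return {"key_id": key_id.decode(), "serial": serial,
            "type": {1: "user", 2: "host"}.get(ctype, "unknown"),
            "principals": principals,
            "valid_after": _when(after), "valid_before": _when(before)}

def _s(b):
    return struct.pack(">I", len(b)) + b

def constructed_sample():
    """Constructed certificate line: placeholder key, empty signature fields."""
    body = (_s(CERT_TYPE) + _s(b"\x00" * 32) + _s(b"\x01" * 32)
            + struct.pack(">QI", 7, 1) + _s(b"alice@example")
            + _s(_s(b"alice") + _s(b"deploy"))
            + struct.pack(">QQ", 1704067200, 1735689600)   # 2024-01-01 .. 2025-01-01 UTC
            + _s(b"") * 5)  # critical options, extensions, reserved, CA key, signature
    return CERT_TYPE.decode() + " " + base64.b64encode(body).decode() + " constructed"
```

Use the parsed values to confirm that the principals and validity window match what was requested at enrollment; trust decisions still require signature verification against the issuing CA.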