Associating a certificate with an application from the certificate object
You must have Write permissions to the Certificate object and either Write or both Associate and Read permissions to the Application object before you can associate certificates with an application object.
To associate a certificate with an application from the certificate object
- From the TLS Protect menu bar, click Policy Tree.
-
In the Policy tree, select the Certificate object you want to associate with the application, and then click the Associations tab.
-
In the Details view, click Add.
The Applications Selector dialog opens.
-
Expand the parent Device object, then select the Application object you want to associate with the certificate.
You must have either Write or both Associate and View permissions to the Application object to select it in the Applications Selector dialog.
-
Click Select.
The Application object is added to the certificate’s list of associated applications.
-
Repeat the previous three steps for every application you want to associate with the certificate.
For more information on one-to-many configurations, see Associating certificates with multiple applications (one-to-many).
Certificate object associations options
The following table reviews the options available on the Associations tab.
|
Option |
Description |
|
Column Sort |
To sort the list by a particular column, click on the column heading. The sort toggles between ascending and descending order. NOTE In Policy Tree, the column sort order is stored in the administrator’s User object. Therefore, Policy Tree always reflects the user’s most recent column sort order, even if the administrator logs in from another workstation. In Policy Tree, the column sort order is reset every time you log in unless you bookmark the page. When you bookmark the page, the column sort order is saved and applied the next time you open that view. To bookmark the page, define the column sort order, and then click the share icon. |
|
Columns |
Determines the columns that display on the Certificate Associations tab. NOTE In Policy Tree, the column settings are stored in the administrator’s User object. Therefore, Policy Tree always reflects the user’s most recent column settings, even if the administrator logs in from another workstation. In Policy Tree, the column settings are reset every time you log in. To access the Column menu in Policy Tree Click the drop-down menu icon for a given column. Click Columns. |
|
Columns (continued) |
{3} From the Columns menu, you can select the columns that you want to display in the Discovery Results tab.
To access the Column menu in Policy Tree, right-click any column heading, then select the columns that you want to display in the Discovery Results tab. |
|
Add |
Associates an Application object with the current certificate. IMPORTANT You must have Write permissions to the Certificate object and either Write or both Associate and Read permissions to the Application object to associate an application with the current certificate. If you do not create a Network Certificate object below its associated Application object, Trust Protection Platform displays a Certificate Alias object below the associated Application object so you can see which certificates are associated with which applications. NOTE Alias objects are hidden by default. To view Alias objects in the Policy tree, you must enable the Show Aliases option. In the Windows console, click File > Preferences > Policy Tree, then select Show Aliases. In Policy Tree, click Show All > Show Aliases. |
|
Delete |
Disassociates the selected Application object from the certificate. IMPORTANT You must have Write permissions to the Certificate object and either Write or both Associate and Read permissions to the Application object to disassociate it from the current certificate. This option does not delete the Application object from the Policy tree or remove the certificate from the application’s server. |
|
Push |
Pushes the current certificate and private key to the selected application. IMPORTANT You must have Write or Private Key Write permissions to the Certificate object and either Write or both Associate and Read permissions to the Application object to push the certificate to the selected application. IMPORTANT If the certificate and private key already exist on the target server, the push operation replaces the existing certificate and private key. Trust Protection Platform will not process a push operation unless the following conditions are met:
|
|
Extract |
Extracts the certificate and private key installed on the selected Application objects. This option is available only in Policy Tree. IMPORTANT You must have Private Key Write and Write permissions to the Certificate object and both Read and Private Key Read permissions to the Application object to extract a certificate and private key from an application. Trust Protection Platform compares the extracted certificate and private key with the current certificate. If there is a mismatch, Trust Protection Platform asks if you want to overwrite the current certificate and private key. For more information, see Extracting certificates and private keys. |
|
Enable Disable |
Toggles between enabling and disabling the processing of certificates on the selected application objects. When you disable processing, Trust Protection Platform does not attempt to install, renew, process, or validate certificates for the current application. IMPORTANT You must have Write permissions to the Certificate object and either Write or both Associate and Read permissions to the Application object to enable or disable the certificate on the selected application. |
|
Retry Installation |
Reattempts to install the certificate on the selected application(s). IMPORTANT You must have Write permissions to the Certificate object and either Write or both Associate and Read permissions to the Application object(s) to retry installing the certificate on the selected application(s). |
|
Export |
Exports the Associations data to a CSV, tab-delimited, HTML, or XML file. |
|
Refresh |
Refreshes the contents of the current page. |