Generating a Self-Signed Certificate

In this section, the process of generating a Self-Signed Certificate in the Authentication slot of your Crescendo device is demonstrated. When completed, a newly generated Authentication certificate will be stored in your Crescendo device and available for use with any system which supports standard PKI certificates.

1. To generate a Self-Signed Certificate in the Authentication PKI certificate slot, from the Configure Digital Certificates screen, select the Authentication certificate type and click the Generate button:

   

2. Next, choose the Self Signed Certificate option. In the example below, we have chosen the RSA2048 Algorithm from the pull-down menu. We have also set a certificate subject – the name of the entity that the certificate is meant to authenticate on behalf of – as well as a chosen expiration date. Once all options are set as desired, click the Generate button to proceed:

   

Warning! Certificate slots can hold only a single certificate at any given time. If a certificate is generated, loaded, or imported into a slot after one is already present, the new certificate will replace the old one. There is no warning, and this operation is irreversible. Please see Exporting a Certificate from a Populated Slot for instructions on exporting a certificate if you wish to keep the existing certificate before overwriting it.

3. When prompted, enter the PIN for the Crescendo device, and click Submit:

   

   If the operation is successful, the success message appears in the upper-right corner of the screen:

   

The certificate information is now visible in for the highlighted certificate type slot:

The certificate in your Crescendo device may now be used to perform cryptographic operations in supported environments.