Generate a Self-Signed Certificate

After generating a Self-Signed Certificate in the Authentication slot of your Crescendo device, the newly generated Authentication certificate will be stored in your Crescendo device and available for use with any system which supports standard PKI certificates.

1. To generate a Self-Signed Certificate in the Authentication PKI certificate slot, from the Configure Digital Certificates screen, select the Authentication certificate type and click the Generate button:

   

2. Next, choose the Self Signed Certificate option.

   In the example below, we have chosen the RSA2048 Algorithm from the pull-down menu. We have also set a certificate subject – the name of the entity that the certificate is meant to authenticate on behalf of – as well as a chosen expiration date. Once all options are set as desired, click the Generate button to proceed:

   

Warning! Certificate slots can hold only a single certificate at any given time. If a certificate is generated, loaded, or imported into a slot after one is already present, the new certificate will replace the old one. There is no warning, and this operation is irreversible. See Export a Certificate from a Populated Slot for instructions on exporting a certificate if you wish to keep the existing certificate before overwriting it.

3. When prompted, enter the PIN for the Crescendo device, and click Submit:

   

   If the operation is successful, the success message appears in the upper-right corner of the screen:

   

The certificate information is now visible in for the highlighted certificate type slot:

The certificate in your Crescendo device may now be used to perform cryptographic operations in supported environments.