Request signing certificates

You can request new signing certificates using the 10Duke Scale UI console.

Request signing certificates in the UI console

When you request new signing certificates in the UI console, all form fields are mandatory. Unsupported characters will be automatically removed.

1. In the left sidebar, go to SETTINGS > Signing certificates.

2. Click Request new certificate to open the form.

   

3. In Subject common name, define the common name of the certificate subject. This name represents your organization and/or product.

   It is recommended to use only letters and numbers in the name.

4. In Organization name, define the name of your organization.

5. In Organization unit / department, define the name of the unit or department responsible for the delivery of the application you are licensing.

6. In Locality (city), define the city or municipality where your organization has the office that provides the application you are licensing.

7. In State or province, define the state or province where your organization has the office that provides the application you are licensing.

8. In Country code, define the country where your organization has the office that provides the application you are licensing. Use a 2-letter alpha-2 country code as defined in the ISO 3166 standard.

9. Click Submit.

10. Refresh the list of signing certificates.

    The new certificate is added at the bottom of the list, and set as active.

Next steps

• Create new license token validation keys, if needed.

• Request a certificate for the new keys, or if there are existing token validation keys without a certificate, request a certificate for them.

• Embed the signing certificate(s) into your client application(s).

• When loading license token signing keys from the JWKS endpoint, verify that the x5c certificate chain leads to signing certificates that the client application trusts (see more details on x5c certificate chain in RFC 7517).