Managing Certificates

EmpowerID provides a utility application, the EmpowerID Certificate Manager, that you can use to view and manage the various certificates used in your deployment. These certificates include everything from the Server and SSL certificates to third party certificates used in a federated partnership, as well as personal certificates issued to individual users. When you open the utility, it displays any certificates currently stored in the Identity Warehouse and provides functionality for importing, generating and validating certificates.

Each certificate you add to EmpowerID is stored as a record in the CertificateStore table of the EmpowerID Identity Warehouse.

In a default installation of EmpowerID, the path to the executable for the EmpowerID Certificate Manager utility is located at:

C:\Program Files\TheDotNetFactory\EmpowerID\Programs\EmpowerID.CertificateManager.exe

To import certificates

  1. From the Import tab of the EmpowerID Certificate Manager, select the appropriate method for importing the certificate and follow the dialogs for that method. For example, if you are importing a certificate from file, select Upload from Certificate File and then browse for the file.
  2. Enter a password for the certificate and click Ok.

To generate test certificates

  1. From the Generate tab of the EmpowerID Certificate Manager, select the appropriate method for the type of certificate you want to generate. For example, if you want to generate an X509 certificate, you select X509 Certificate.
  2. This opens the Certificate Information pane.

  3. From the Certificate Information pane, do the following:
    1. Type a password for the certificate in the Password field.
    2. Specify the Output Folder for the certificate file by clicking the Browse button and selecting the desired folder.
    3. Optionally, select whether to import the generated certificate to the either the EmpowerID Certificate Store, the Local Certificate Store or both.
    4. When ready, click Generate.
    5. After completing the operation, the EmpowerID Certificate Manager displays the results in the Certificate Details pane

To validate certificates

  1. From the Validate tab of the EmpowerID Certificate Manager, select the appropriate Browse Certificate method that corresponds to the location of the certificate. For example, if you want to validate a certificate from file, click Select from Certificate File and then browse for the file.
  2. Type the password for the certificate in the Password field and click Ok.
  3. From the Certificate Purpose pane, select either Federation or SSL.
  4. Click Validate.
  5. After completing the operation, the EmpowerID Certificate Manager displays the results in the Validation Summary pane.

    If the certificate does not meet All of the requirements specified in the Certificate Requirements topic, the validation operation will fail.

To remove certificates from the EmpowerID Certificate Store

  1. Log in to the EmpowerID Management Console as an administrative user.
  2. Click the EmpowerID icon and select Configuration Manager from the application menu.
  3. From Configuration Manager, expand the EmpowerID Configuration Manager node and then click Manage Certificates.
  4. From the grid, right-click on the record for the certificate you want to remove and select Remove from the context menu.