dyzulk/trustlab-docs
1
0
Fork 0
mirror of https://github.com/dyzulk/trustlab-docs.git synced 2026-01-26 05:25:38 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
03355781be5b8009e454eb3f815d79c7cbfb8be4
trustlab-docs/pages/guide/certificates/request-new.mdx

53 lines
2.2 KiB
Plaintext
Raw Blame History

import { Steps, Callout, Cards, Card } from 'nextra/components'
import { FileBadge, ShieldCheck, Globe, Code } from 'lucide-react'
# Requesting a New Certificate
TrustLab provides a streamlined wizard to generate private SSL/TLS certificates for your internal infrastructure.
## Prerequisites
Before starting, ensure you have:
* Active TrustLab account access.
* **Root CA** installed on your machine (to trust the generated certs).
---
<Steps>
### 1. Open Certificates Menu
Navigate to the **Certificates** page. This view lists all your active and expired certificates. Click the **"Generate New"** (or "+") button to start.
![Certificates List](/images/guide/certificates-screen.png)
### 2. Enter Domain Details (Default Mode)
By default, you only need to provide the Identity. The system will auto-fill the Organization & Location metadata.
![Default Generation Modal](/images/guide/certificates-generate-modal-default-metadata-screen.png)
* **Common Name (CN)**: The primary domain (e.g., `app.internal`).
* **SANs**: Additional domains or IP addresses.
* **Key Strength**: Choose the encryption level.
![Key Strength Selector](/images/guide/certificates-generate-modal-key-strength-focused-screen.png)
* **2048-bit**: Industry standard, compatible with all devices.
* **4096-bit**: Higher security, slightly more CPU intensive.
### 3. Customize CSR (Manual Control)
Toggle **"Manual Control"** if you need to override the default Identity fields (e.g., for a specific branch office or legal entity).
![Manual Control Modal](/images/guide/certificates-generate-modal-manual-control-screen.png)
* **Organization (O)**: Override the default company name.
* **Locality (L) / State (ST)**: Set specific location data.
* **Country (C)**: ISO Code.
### 4. Submit & Download
Click **Generate**.
* **Private Key**: The system will prompt you to download the `.key` file. **This is the only time it is available.**
* **Certificate**: The `.pem` / `.crt` file will be available for download immediately.
</Steps>
<Callout type="warning" emoji="⚠️">
**Security:** Your **Private Key** is shown/downloaded **ONLY ONCE**. Store it securely immediately. If lost, you must revoke and reissue the certificate.
</Callout>
Reference in New Issue View Git Blame Copy Permalink