Certificates search results page

Use the certificates search page to view details about certificates used by all communities, partners and servers for all purposes, including encrypting and signing traded messages and securing connections (SSL). You can view root certificates, whether your own self-signed certificates or those issued by certificate authorities. You also can view intermediate and end-entity certificates. Certificates can be deleted from the certificate store and the database.

The page primarily is for searching for and diagnosing certificates. It is not for importing certificates, changing the usage of certificates or generating certificates.

In addition to the certificates search page, there are other places in the user interface for viewing certificates (see Manage certificates). The search page, however, provides the broadest view of all certificates at once.

To open the certificates search page:

  1. Select System management > Manage certificates on the top toolbar. Or, click System management to open the System management page.
  2. Click the task Manage certificates to open the Search results page.

When you open the page the first time, before adding any end-entity trading or server certificates, many certificates are displayed on the search results side of the page. These are pre-loaded certificates from certificate authorities. All are intermediate, root CA or self-signed certificates. None are end-entity certificates. If you have not added any certificates, you can confirm this by searching for end-entity certificates only.

To successfully trade using CA-issued certificates, Activator must be able to establish the chain of trust running through end-entity, intermediate and root certificates. This is why Activator is pre-loaded with many intermediate and root certificates issued by various CAs. These certificates are available for trusting upon importing end-entity certificates containing public-private encryption key pairs or only public keys.

For information on the types and uses of certificates, see Certificates and keys.

The primary parts of the certificate search page are the certificates search panel on the left side and the search results area on the right. Controls for performing searches based on conditions are on the left panel. Certificates matching search conditions display on the right, along with links for viewing more detail

Certificates search panel

By default, the search panel, located on the left side of the page is closed. Click the Show/Hide tab to open the panel.

The certificates search panel on the left side has controls for specifying conditions for searching for certificates and displaying results. You can click Show/Hide to collapse or expand the panel as desired.

The following fields enable you to launch, manage and save searches:

Search name

If you leave the field blank and click Find, messages matching conditions set in the certificates search panel are searched for. Once search results are displayed, you can type a name for the search in the search name field and click Save. Later you can run the same search again by selecting the saved search from the search name drop-down list under the Saved searches section of the certificates search panel.

Search commands

  • Find – Search for all certificates matching any conditions specified on the search page. If no conditions are specified, the default action is to search for all certificates.
  • Save – Save the conditions for a search you have performed. Use saved searches to repeat the application of search criteria without re-entering the criteria.
  • Clear – Clear the page of search conditions and begin a search from scratch.

Results display controls

  • Certificates per page – Enter a maximum number of lines for display in search results. Default = 50 results per page
  • Maximum # of search results – Enter the maximum number to limit the total number of search results. Default = 500

Saved searches

  • Search name  – Use the drop-down box to display and select the name of any saved searches. Then use the commands in this section to Remove or Execute the selected saved search.
  • Manage shared searches - Click this command to open screens that enable you share or unshare any of your saved certificate searches.

Filters

Use the filter options in this section of the panel to filter your search results:

  • Friendly name – Friendly name of the certificate.
  • Serial number – Decimal or hexadecimal certificate serial number.
  • Type:
    • Root CA
    • Intermediary
    • End Entity
    • Self-signed
  • Key usages:
    • Encryption
    • Signing
    • Non-repudiation
    • Encryption and signing
    • Unknown
  • State:
    • Pending
    • Operational
    • Expired
    • Failed
    • Revoked
    • Unknown
  • Application usage:
    • Encryption
    • Sign EDIINT messages and receipts
    • SSL
    • Unused
  • Filter by:
    • Subject
    • Issuer

Extensions

Pick from a list of predefined extensions, or create your own custom extensions to use as search filters. To use a custom extension you must use an object identifier (OID). For a list of OIDs, see http://www.alvestrand.no/objectid/top.html.

Date validity

Use the date validity fields to specify a validity beginning and/or end date for the certificate.

To save a search:

  1. Set conditions for a search and click Find to run the search.
  2. When the search results are displayed, type a name for the query in the search name field at the top left of the certificates search panel.
  3. Click Save.

View and work with search results

On the search page, you can view and work with search results.

A plus sign (+) located next to a certificate indicates that you can expand the view to include related intermediate or root certificates.

Click Details on an entry to open a details pop-up window for a certificate. The window provides much information about the certificate on multiple tabs.

You can use the Details window to:

  • Attribute a friendly name to the certificate
  • Delete the certificate
  • Export the certificate to a file

To the left of the Details link for a certificate is the Find descendants icon. Click this icon to open to open the Certificate descendants page. The page lists details about the certificate as well as the descendants of the certificate, if any exist. A descendant is a certificate that is issued by the certificate you are currently viewing, or by another descendant of the same certificate.

A plus sign (+) located to the left of a results row, indicates that the certificate has other certificates in its path. Click the plus sign to display the roots.

Related Links