Upload the Mutual Authentication root certificate

In mutual authentication, the edge server asks the client device to present a valid certificate before a secure connection is established and the service of the server accessed. To verify the certificate that the device uses to identify itself, you need to provide edge servers with a root CA certificate or a certificate chain that signed the device’s certificate.

To start verifying devices’ certificates, you can upload a root CA certificate or a certificate chain in the Certificate Provisioning System (CPS). You can only upload one file that is a X.509 certificate in PEM format. A PEM certificate is a base64 encoded DER file that contains ----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- statements. If your CA provides you with a certificate that is not in PEM format, you can convert it to PEM format using an SSL converter.

Before you begin

Use Trust Chain Manager to create a certificate set. Follow Trust Chain Manager.

How to

  1. Go to > CDN > Certificates.
  2. Select the certificate that you want to use for Mutual Authentication.
  3. From the certificate's Actions menu, select View and Edit Deployment Settings.
  4. In the Mutual Authentication section, click Edit.
  5. From the Certificate set menu, select a certificate set.
  6. Click Submit.

What you should see

Your certificate redeploys to the Akamai network with the new settings.