66 lines
3.1 KiB
ReStructuredText
66 lines
3.1 KiB
ReStructuredText
.. _certificates-label:
|
|
|
|
Certificates
|
|
====================
|
|
|
|
Overview
|
|
--------
|
|
|
|
Import and store X.509 certificates within SEB Server is a new feature since SEB Server version 1.2. This allows an institutional administrator
|
|
or an exam administrator to upload and store certificates for further use within SEB Server.
|
|
|
|
.. note::
|
|
Certificates uploaded to SEB Server are stored in a secured certificate-store that is stored within the data base rather than a
|
|
usual file. The certificated store is password secured and only the binary data of the certificate store is placed into the
|
|
database for security reasons.
|
|
|
|
Once a certificate has been uploaded to SEB Server it can be used for various other features of SEB Server where a certificate is needed.
|
|
One feature that also comes with the SEB Server version 1.2 is the ability to encrypt a connection configuration with a certificate
|
|
that has the right purpose (Identity) to do so. If you need this feature already, please have a look at: :ref:`connection-configuration-label`.
|
|
Other planed features are the import of certificate encrypted exam configurations as well as to embed certificates within an exam configuration
|
|
to allow certificate pinning between SEB and LMS/Assessment Tool.
|
|
|
|
There is currently certificate upload support for two version of certificates:
|
|
|
|
**PEM**
|
|
|
|
This are usually non password protected certificates in different file-formats. SEB Server currently supports the following PEM file-formats:
|
|
|
|
- .pem
|
|
- .crt
|
|
- .cer
|
|
|
|
**PKCS12**
|
|
|
|
This are usually password protected certificates in different file-formats. SEB Server currently supports the following PKCS12 file-formats:
|
|
|
|
- .p12
|
|
- .pfx
|
|
|
|
.. image:: images/certificates/cert_list.png
|
|
:align: center
|
|
:target: https://raw.githubusercontent.com/SafeExamBrowser/seb-server/dev-2.0/docs/images/certificates/cert_list.png
|
|
|
|
|
|
Use Cases
|
|
---------
|
|
|
|
**Upload a certificate**
|
|
|
|
- To upload and store a certificate of supported file type, please open the "SEB Configuration" section and select the "Certificates" page
|
|
- You will see the list of known certificates from the SEB Server like in the picture above.
|
|
- Choose "Import Certificate" from the right action pane and the upload dialog will open.
|
|
- Within the upload dialog, select the certificate file on your local machine that you want to upload.
|
|
- If the certificate is password protected, you will need to give the password to upload the certificate.
|
|
- Click on "OK" to start the import.
|
|
- If the import is successful, the imported certificate will show up in the list. Otherwise, SEB Server will display an error message with the reason of failure.
|
|
|
|
**Remove / delete a certificate**
|
|
|
|
- To permanently delete a stored certificate on SEB Server, please open the "SEB Configuration" section and select the "Certificates" page
|
|
- You will see the list of known certificates from the SEB Server like in the picture above.
|
|
- Please select the certificate you want to remove.
|
|
- Choose "Remove Selected Certificates" from the right action pane and a configuration dialog will appear.
|
|
- If you are sure to delete the selected certificate(s), click on "OK" to delete.
|
|
- The deleted certificates disappear form the certificates list.
|
|
|