Add Certificate Authorities in Smart ID
This article is valid for Smart ID 21.04 and later.
This article describes how to add Certificate Authorities in Smart ID components.
<SMARTIDHOME>
In this article, <SMARTIDHOME> refers to /home/nexus, but this can be different depending on the setup.
For Smart ID components to trust Certificate Authorities (CA), the CA certificates must be available in Smart ID. This is needed if you want to:
- trust external services, like LDAPS, Smart ID Messaging (Hermod), and TLS database connections.
- use Client Certificate Authentication.
To trust certificate authorities (CAs), do the following:
- Store the CA certificates in <SMARTIDHOME>/docker/compose/cacerts, in binary (.cer) format.
- Restart all running Smart ID containers on the host where certificates are added.