GlobalSign Atlas API Credentials Generation Guide
Purpose
This document explains how to generate the API Credentials and mTLS certificate in GlobalSign Atlas and outlines the full set of requirements to integrate it with the CertSecure Manager Connector.
Prerequisites for API Credentials Generation
-
Active GlobalSign Atlas Account
You must have a valid and accessible GlobalSign Atlas account with a valid certificate service and a valid identity, required to create API Credentials.
-
User Role with API Permissions
Recommended roles: Administrator or Manage Certificates and Manage Credentials. Other roles may have limited API access.
Steps for API Credentials Generation and mTLS Certificate Issuance via GlobalSign Atlas
Steps to Generate API Credentials
The following are the steps to create API Credentials for GlobalSign
-
Log in to GMO GlobalSign Atlas
-
In the left side panel, navigate to “Access Credentials > API Credentials”.
-
Click on the “Generate an API Credential” button.
-
Select “View and Copy” and click “Continue”.
-
Select an active service and click continue.
-
Select a single valid identity and click continue.
-
Give the credentials a distinguishable name and click continue.
-
Download and save the API Credentials.
Steps to Generate a CSR for mTLS certificate
The following are the steps to create an mTLS certificate for the GlobalSign API Credentials.
-
Log in to CertSecure Manager
-
Navigate to “Enrollment > Generate CSR”
-
Fill in the certificate details for the mTLS certificate. Enter a password to encrypt the private key.
-
Click on the “Generate CSR” button and download the CSR and private key files.
Note: We will be using this CSR to issue the GlobalSign mTLS certificate, and the private key file and the password will be required during the agent installation process.
-
Next, Log in to GMO GlobalSign Atlas
-
In the left side panel, navigate to “Access Credentials > mTLS Certificate”.
-
Click on the “Generate a mTLS Certificate” button. Click on Continue under the “Directly via the API” option.
-
Select the API Credential that we created in the previous step and click continue.
-
Paste the CSR that we have generated from CertSecure Manager earlier and click on “continue”.
-
Download and save the mTLS Certificate.
Additional Requirements for CertSecure Manager Connector Integration
Once the API credentials and mTLS certificate are generated:
-
The CLM Connector must be configured with the API credentials.
-
Ensure the connector machine has access to the GlobalSign API endpoint (using the mTLS certificate)
https://emea.api.hvca.globalsign.com:8443/v2