GlobalSign Atlas API Credentials Generation Guide

Purpose

This document explains how to generate the API Credentials and mTLS certificate in GlobalSign Atlas and outlines the full set of requirements to integrate it with the CertSecure Manager Connector.

Prerequisites for API Credentials Generation

  1. Active GlobalSign Atlas Account

    You must have a valid and accessible GlobalSign Atlas account with a valid certificate service and a valid identity, required to create API Credentials.

  2. User Role with API Permissions

    Recommended roles: Administrator or Manage Certificates and Manage Credentials. Other roles may have limited API access.

Steps for API Credentials Generation and mTLS Certificate Issuance via GlobalSign Atlas

Steps to Generate API Credentials

The following are the steps to create API Credentials for GlobalSign

  1. Log in to GMO GlobalSign Atlas

  2. In the left side panel, navigate to “Access Credentials > API Credentials”.

  3. Click on the “Generate an API Credential” button.

    Generate API Credential
  4. Select “View and Copy” and click “Continue”.

    View & Copy
  5. Select an active service and click continue.

    Link to service
  6. Select a single valid identity and click continue.

    Valid Identity
  7. Give the credentials a distinguishable name and click continue.

    Credential Naming
  8. Download and save the API Credentials.

    Download Credential

Steps to Generate a CSR for mTLS certificate

The following are the steps to create an mTLS certificate for the GlobalSign API Credentials.

  1. Log in to CertSecure Manager

  2. Navigate to “Enrollment > Generate CSR”

  3. Fill in the certificate details for the mTLS certificate. Enter a password to encrypt the private key.

    CSR Generation
  4. Click on the “Generate CSR” button and download the CSR and private key files.

    CSR & Private Key

    Note: We will be using this CSR to issue the GlobalSign mTLS certificate, and the private key file and the password will be required during the agent installation process.

  5. Next, Log in to GMO GlobalSign Atlas

  6. In the left side panel, navigate to “Access Credentials > mTLS Certificate”.

  7. Click on the “Generate a mTLS Certificate” button. Click on Continue under the “Directly via the API” option.

    Direct via API
  8. Select the API Credential that we created in the previous step and click continue.

    API Credential Seleciton
  9. Paste the CSR that we have generated from CertSecure Manager earlier and click on “continue”.

    Paste CSR
  10. Download and save the mTLS Certificate.

    Save mTLS Certificate

Additional Requirements for CertSecure Manager Connector Integration

Once the API credentials and mTLS certificate are generated:

  • The CLM Connector must be configured with the API credentials.

  • Ensure the connector machine has access to the GlobalSign API endpoint (using the mTLS certificate)

    https://emea.api.hvca.globalsign.com:8443/v2