Certificate Manager

Introduced in SwaggerHub On-Premise 1.19.2.

Use the Certificate Manager in the Admin Center to store and manage SSL/TLS certificates used by SwaggerHub On-Premise: the certificate for HTTPS access, and trusted certificates for LDAP connections. You can also view details for each certificate, such as the expiration date, common name (CN), issuer, and so on.

SwaggerHub On-Premise Certificate Manager

Certificate requirements

Before uploading any certificates, see the requirements for SSL certificates, load balancer trusted certificates and trusted LDAPS certificates.

Upload a certificate

  1. In the Certificate Manager, click Import Certificate.

  2. Browse for the Certificate File (typically a PEM file).

  3. If this certificate is for the SwaggerHub server itself (for HTTPS access), specify the Private Key. The private key must be in the PKCS #8 format and not encrypted. Paste the key value exactly as it was generated, including the BEGIN PRIVATE KEY and END PRIVATE KEY lines.

  4. Specify a Friendly Name and an optional Description for this certificate.

    Uploading a certificate
  5. Click Import.

  6. In the Admin Center, go to the Settings page, apply this certificate via the corresponding option in SSL settings or LDAP settings.

  7. Click Save Changes and Restart. Wait a few minutes for the system to restart completely.

View certificate information

The Certificate Manager displays certificate information in the following columns. You can sort and filter by any columns.


If a certificate file contains multiple certificates (for example, intermediate and root), the displayed information is for the first certificate only.



Friendly Name

A unique display name for this certificate.

Common Name

The CN field of the certificate. This is typically a domain name (example.com), a wildcard domain (*.example.com), or an IP address. Alternative domains or IP addresses are specified by the SAN field.

Private Key

Indicates whether a private key was provided along with the certificate. A private key is required for the SwaggerHub server certificate.

Note: This flag is based on whether a key was specified in the Private Key field on the certificate import screen. It does not indicate keys included in the certificate files.

Used By

Indicates how the certificate is used. SSL indicates the SwaggerHub server certificate and trusted certificates used in the SSL Certificate Trust Chain option. LDAP indicates trusted certificates for LDAP connections.

Expires In

Shows how many days are left until the certificate expires. Certificates that expire within the next 30 days are highlighted in red.

Expand the rows in the table to view other details, including the certificate Issuer, SAN, and Description.

Download a certificate

Click Download next to the needed certificate in the list.

Replace a certificate

You can replace a certificate, for example, if it is about to expire.

  1. Upload the new certificate to the Certificate Manager.

  2. In the Admin Center, go to the Settings page and apply the new certificate via the corresponding option in SSL settings or LDAP settings.

  3. Click Save Changes and Restart for the certificate change to take effect.

  4. Delete the old certificate from the Certificate Manager.

Delete a certificate

Before deleting a certificate, make sure that:

  • It is not used (the Used By column is empty).

  • You have a backup copy of any important certificates and their private keys.

To delete a certificate, click Delete User next to this certificate in the Certificate Manager.

See Also

Publication date: