During the certificate renewal process, the bank team initiates the procedure by sending a
Certificate Signing Request (CSR) file. Once received, we proceed with the renewal using the Rover
tool. The process begins by entering key details such as the server name, remote path, and the case
ID associated with the request. After filling in these fields, we upload the provided CSR file to
the system. We then enter a meaningful description name to identify the request and specify the
desired names for the CRT (certificate) file and the P7B (certificate chain) file. With all the
necessary inputs in place, the system allows us to generate the CRT and P7B files. Once generated,
these files can be downloaded for further deployment or archiving. Additionally, the tool provides
functionality to access and manage access tokens if required. Users can also view detailed
information about the generated CRT file to verify its validity and configuration. If needed, the
system also includes an option to revoke the certificate, ensuring secure and controlled management
of digital credentials throughout the lifecycle.
β¨Certificate Renewal
Secure Digital Certificate Management System
Operation Title: Certificate renewal
Over view: Generate the certificate and p7b files.
Key Features:
- Functionality for the certificate renewal
- Triggers certificate renewal via .xlsx upload and server path case id
- Here we can generate the certificate and p7b files
- Download generated files and access token
- How to use the Certificate renewal Form
- Certificate Renewal tables
- View metadata and revoke certificates
- Final Output β Certificate Output, Review, and Control
List of Figures:
- Figure 5.1 β Search Bar and Refresh Options
- Figure 5.2 β Upload Certificate Renewal Form Pop-up
- Figure 5.3 β Form Field Entry and CSR Upload
- Figure 5.4 β Certificate & P7B File customer details
- Figure 5.5 β CRT and P7B File Generation Interface Options
- Figure 5.6 β Download the Certificate & P7B File and Token
- Figure 5.7 β Region Selection from Navbar
- Figure 5.8 β Certificate Table with Date, Server, CRT Filename
- Figure 5.9 β Case ID & Common Name Display
- Figure 5.10β Files Download Pop-up
- Figure 5.11β CRT File Metadata View and Navigation
- Figure 5.12β Access Token Retrieval & Certificate Metadata
- Figure 5.13β Revoke Certificate Interface and Confirmation
π Overview
π Introduction
In secure banking and enterprise environments, digital certificates play a critical role in ensuring encrypted communication, authentication, and data integrity. To maintain uninterrupted service and compliance with security protocols, it is essential to regularly renew certificates before they expire. This document outlines the step-by-step process followed during certificate renewal using the Rover tool, which enables secure management of CSR files, certificate generation, and lifecycle operations such as download, verification, and revocation.
βοΈ Functionality
Figure: 5.1
1
π Search Bar
Users can search for specific files by entering text like a case ID or crt filename. This makes it easier to quickly find the needed file without browsing through the whole list.
2
π Refresh and Sync
Red Circular Arrows: Refreshes the table to display the latest updated data.
Figure: 5.2
3
π€ Upload File Button
When the Upload button is clicked, a certificate renewal form opens where the user selects the server, enters the remote path and Case ID, uploads an Excel file (only .xlsx files are supported), adds a description, and submits the form.
Figure: 5.3
π€ Customer Information Display
After uploading the necessary details, the system automatically fetches and displays the complete customer information. This data appears just below the description field, allowing users to quickly verify and review the customer's profile.
Figure: 5.4
π Certificate Generation
Here, we can generate the certificate renewal form along with the P7B file. Once both files are generated, the renewal details can be copied from the terminal table below, and we can proceed to the next form to continue the renewal process.
Figure: 5.5
π₯ File Download & Access Token
Here, we can download the certificate renewal form along with the P7B file. Once both files are downloaded, the access token can be retrieved from the terminal, allowing us to proceed to the next form and continue the renewal process.
Figure: 5.6
Figure: 5.7
π How to Use the Certificate Renewal Form
NOTE: Before opening the certificate renewal form, users must select the region
from navbar.
Step-by-Step Process
- The user may enter a specific Case ID in the designated field or slot.
- The user can upload a file or Excel sheet in the designated field, ensuring it is correctly placed for processing.
- At last, enter a remark and Submit the form.
π Certificate Renewal Tables
4
Certificate Renewal Tables:
π
Date
Shows the exact date when the file was uploaded, so users can keep track of when files were added and manage different versions easily.
π₯οΈ Servername
This field shows the server name of the user who uploaded the file, enabling tracking and accountability.
π CRT File Name
This field displays the uploaded certificate file name and associated user details, ensuring tracking and accountability.
Figure: 5.8
π Case ID
A unique identifier linked to each uploaded file to helps to track and reference it easily.
π·οΈ Common Name
Here, the common name (CN) specified by the user during the certificate renewal process is displayed. This helps identify the primary domain or entity associated with the renewed certificate.
Figure: 5.9
π₯ File Download
The Download button enables users to retrieve the generated certificate renewal file and the corresponding P7B file separately. This functionality ensures flexibility in managing and deploying certificate components within secure environments.
Figure: 5.10
ποΈ View
Here, users can view or review details about the CRT file, including its metadata and configuration. By clicking the Next button, users can proceed to access the associated access token. This step ensures that the certificate and its credentials are validated before further use.
Figure: 5.11
π Access Token Data
Here, users can access the access token. By clicking the Next button in the view section, they can also view detailed information about the certificate, including its validity period, issuer, and other metadata.
Figure: 5.12
β Revoke
When the Revoke button is clicked, a pop-up appears displaying the subject name and the revocation command. Users can revoke a certificate if it is invalid, incorrectly formatted, or does not meet system requirements. This ensures that only valid certificates remain active, maintaining the integrity and security of the certificate lifecycle.
Figure: 5.13
π― Final Output
After submitting the required details and uploading the CSR file through the certificate renewal
form, the system generates the CRT and P7B files. These files are
available for download individually through a pop-up interface. The system also retrieves and
displays the access token, along with associated metadata such as
issuer, validity period, and common name. Users can view or review certificate details before
proceeding, ensuring accuracy and compliance. Additionally, the system provides an option to
revoke the certificate if needed, maintaining full control over the certificate
lifecycle. Each record is time-stamped and associated with a Case ID, allowing for
version control, traceability, and secure management of digital credentials.