Skip to content

Downloading certificates, certificate chains, and keystores

Tip

This feature is not yet available in the Next Gen certificate inventory. Please use the classic inventory until this feature is ported to the new page.

You can download both certificates and keystores from TLS Protect Cloud after a certificate has been issued. This can be done using the TLS Protect Cloud or via the API.

Downloading a keystore

Keystore download is available only when the key pair was generated by Venafi.

For information on using the API, see Downloading a certificate.

  1. Go to Inventory > Certificates to find the certificate you want to download.

    OR

  2. Go to Applications and find the application that the certificate is assigned to. In the certificate's row, click the number in the Certificates column. This opens the certificate inventory filtered on this application's certificates.

  3. Click the checkbox next to the certificates that you want to download.

    1. In the local menu bar, click Download.
    2. Select the Certificate only radio button.
    3. Select the PEM (End entity only) radio button.
    4. Click Download.
    1. In the local menu bar, click Download.
    2. Select the Certificate only radio button.
    3. Select either of the PEM (full chain) options, depending on whether you want the End Entity (EE) or Root certificate listed first in the download.
    4. Click Download.

    Downloading a keystore

    Keystore download is available only when the key pair was generated by Venafi.

    1. In the local menu bar, click Download.
    2. Select the Keystore radio button.
    3. Choose and export format.
    4. Enter a password, which will be used to encrypt the private key.
    5. Click Download.