The Issued Certificates page (Usage > Issued Certificates) is visible only when uploading a new CA certificate with CRL enabled.
Being the CA means that the AppGate ZTNA system initially uses a self-signed root CA certificate to issue certificates. These certificates are then used to establish trusted peer-to-peer communications between appliances and from Client to appliance. When enabled, Controllers keep track of all issued certificates.
Background information
For more information about managing CA certificates, see the Internal Certificates section.
Actions
It is possible to revoke multiple certificates at one time from the Issued Certificates page. The Admin UI tools page provides more information about performing bulk actions.
Action Buttons
Action buttons are accessed by clicking three dots icon (
) to the right of each line item in the page or from the <Actions> button within the item. They are contextual, changing depending on the type of item and the state of the item. The Action button in the Issued Certificates page displays the following options:
Revoke Certificate. Revokes the Client certificate. Appliance certificates cannot be revoked. If you need to revoke an appliance certificate, renew the certificate or deactivate the appliance, which will revoke the certificate.
Download Certificate. Downloads the certificate.