Index | Prev | Next

Exporting to back up certificates

Once all certificates are in place, it is a good idea to back up all certificates to a thumb drive or other storage device, such as a completely separate computer that resides in a vault.
Prerequisites: You are working in Workbench on the PC that you used to set up certificates.
Perform the following steps:
  1. Open the Workbench Certificate Management view by clicking Tools > Certificate Management, in the User Key Store, select the company’s root certificate and click Export.
    The Certificate Export window opens.
    Image
  2. Click the option to Export the certificate’s private key.
  3. Create a strong password to protect this private key and click OK.
    The Export Certificate file path window opens.
    Image
  4. Add to the name text to indicate that this file contains the private key, navigate to the rootcert folder, and click Save.
  5. Create a new folder under certManagement called servercerts.
  6. Navigate to each controller/station Certificate Management folder and save each server certificate with its private key in the new My File System > User Home > certManagement > servercerts folder.
  7. Using Windows’ File Explorer, copy the entire certManagement folder to a thumb drive or other location.
  8. Delete the contents of the certManagement folder.
     DANGER: Do not leave a root certificate or server certificates with their private keys in a PC file system that may be compromised! Store these certificates only on a thumb drive or PC that is in a secure and locked vault. As a best practice, avoid storing certificates in the cloud. 
If you followed these procedures, the company’s communication within this system is secure. Bear in mind, that certificates expire. When they expire you may need to sign and import new certificates again.

Related Links

  • Secure communication certificate setup (Parent Topic)

    • Index | Prev | Next