Upload Certificates for Trusted Certificate Authorities

In the Cloud Administration Console, you can upload certificate authority (CA) certificates for CAs that you want the identity routers to trust. You must upload CA certificates if your company uses an internal or less-common CA to sign certificates for its protected applications. For a list of CAs that the identity routers automatically trust, see List of Trusted Certificate Authorities for HFED and Trusted Headers Applications.

Before you begin

  • You must be a Super Admin to perform this task.
  • You must have a PEM file containing one or more CA certificates.


  1. In the Cloud Administration Console, click Platform > Certificates and Encryption.
  2. On the My Certificate Authorities page, click Add.
  3. Find and import the file that contains the CA certificate.
    A confirmation message appears and the details for each certificate are displayed in the My Certificate Authorities table.
  4. Click Save.
  5. (Optional) Click Publish Changes in the top menu bar if you want to activate the setting immediately. Otherwise, changes accumulate and are published during the next publish operation.