Certificate & Key Management

Welcome to PruTAN's Certificate & Key Management feature — a comprehensive security solution that enables you to secure your communication and data through the creation and management of certificates and cryptographic keys. This powerful tool ensures your API testing and data handling remain protected with enterprise-grade security.

Image 1 : Certificate Management Interface

Accessing Certificate & Key Management

  1. Navigate to the Certificates section in the PruTAN application. You can find this by clicking on the certificate icon in the submenu.
  2. Click the + New button to open the "Certificate & Key Management" dialog.

Creating a New Certificate

This feature allows you to upload and manage SSL/TLS certificates for secure communications.

Steps:

  1. Ensure the Certificate tab is selected within the "Certificate & Key Management" dialog
  2. Enter a descriptive name for your certificate in the Label field
  3. Upload your certificate file(s) by either:
    • Dragging and dropping files into the designated area, or
    • Clicking to browse and select files
  4. Click Save to store the certificate

Generating Crypto Keys

PruTAN enables you to generate various types of cryptographic keys for use in encryption, decryption, and other security operations.

Steps:

  1. In the "Certificate & Key Management" dialog, click on the Crypto Keys tab

Image 2 : Key Management Configuration

  1. Configure the following key parameters:
    • Length: Select the desired key length from the dropdown menu (e.g., 256 bits)
    • Mode: Choose the encryption mode (e.g., ECB - Electronic Codebook)
    • Component Fields: Depending on the selected key type and mode, you may need to enter multiple components. Click generate button to generate key for each component:
      • Component 1
      • Component 2
      • Component 3
      • KEK - Key Encryption Key
      • PEK - Pin Encryption Key
      • MAK - Message Authentication Key
  2. Click the Save button to store your cryptographic keys
  • User can also place its own key & KCV and verify KCV against keys.

Usage in Encryption/Decryption

Once certificates and crypto keys are created, they can be utilized throughout the PruTAN application for various security-related tasks:

  • Securing API communications: Using uploaded certificates for SSL/TLS handshakes
  • Data Encryption/Decryption: Employing generated crypto keys to encrypt sensitive data before transmission or storage, and decrypting it when needed
  • Message Authentication: Using MAK (Message Authentication Key) to verify the integrity and authenticity of messages

For specific implementation details on how to integrate these keys and certificates into your API requests or data processing workflows, please refer to the relevant sections of the PruTAN API documentation.

The Certificate & Key Management feature in PruTAN empowers teams to maintain robust security standards while testing and developing APIs, ensuring that sensitive data remains protected throughout the development lifecycle.