Skip to main content
Custom Certificates
Last update:

Custom Certificates

You can upload a custom certificate that you have issued from a third-party certificate authority to the Secret Manager. To do this, you need:

  • the primary certificate for the domain;
  • private key;
  • optional: one or more intermediate certificates. Intermediate certificates bind the final TLS certificate to the root certificate authority, it is used by the browser to verify the authenticity of the issued TLS certificate;
  • optional: root certificate — part of the key that certificate authorities use to sign a TLS certificate. May be required when using self-signed certificates.

Add a custom certificate

  1. A user certificate is valid only if project to which it has been added. Make sure that you are in the right project. To do this, open the project menu (name of the current project) and select the project.

  2. В control panels go to Cloud platformThe manager of secrets.

  3. Click Add a certificate.

  4. Select User certificate.

  5. Enter the name of the certificate.

  6. Insert the master certificate for the domain. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

  7. Insert the private key. It must begin with -----BEGIN PRIVATE KEY----- and end -----END PRIVATE KEY-----.

  8. Optional: To add an intermediate certificate, check the checkbox Add an intermediate certificate and in the field Intermediate certificate insert the certificate. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

    If you need to add multiple intermediate certificates, make sure that all certificates (primary certificate for the domain, intermediate certificates, and root certificate) create a complete chain. Value Issuer of the main certificate must match the value of the Subject of the first intermediate certificate, the value of Issuer of the first intermediate certificate with Subject the second intermediate and so on.

    Intermediate certificates can be added in the field Intermediate certificate in any order, it's important to use the full chain.

  9. Optional: to add a root certificate, check the check box Add root certificate and in the field Root certificate insert the certificate. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

  10. Click Add.

Update the user certificate

  1. В control panels go to Cloud platformThe manager of secrets.

  2. Open the tab Certificates.

  3. On the menu. of the certificate, select Update.

  4. Insert the master certificate for the domain. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

  5. Insert the private key. It must begin with -----BEGIN PRIVATE KEY----- and end -----END PRIVATE KEY-----.

  6. Optional: To add an intermediate certificate, check the checkbox Add an intermediate certificate and in the field Intermediate certificate insert the certificate. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

    If you need to add multiple intermediate certificates, make sure that all certificates (primary certificate for the domain, intermediate certificates, and root certificate) create a complete chain. Value Issuer of the main certificate must match the value of the Subject of the first intermediate certificate, the value of Issuer of the first intermediate certificate with Subject the second intermediate and so on.

    Intermediate certificates can be added in the field Intermediate certificate in any order, it's important to use the full chain.

  7. Optional: to add a root certificate, check the check box Add root certificate and in the field Root certificate insert the certificate. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

  8. Click Update.