How to Create an mTLS Certificate


In order to create an mTLS certificate you will need to ensure you have: 

To make use of the GlobalSign API’s, an mTLS Certificate is required. The mTLS Certificate (Mutual TLS) is the PEM encoded x509 certificate that has Client Authentication enabled. It is used to authenticate to GlobalSign's API along with your user credentials.

To create an mTLS certificate, follow the steps below.


Creating an mTLS Certificate


  1. Log in to your GlobalSign Atlas Account.
  2. Click either “mTLS Certificates” from the sidebar, or “Generate An mTLS Certificate” from the dashboard.

    Step 2.png

  3. Select one of the options for connecting to the API, depending on your circumstance.

    Via Our Technology Partners: Connecting via technology partner integrations doesn't require an mTLS certificate. To learn more about partner integrations, contact your local sales team.

    Directly via the API: Connecting via the API requires an mTLS certificate for secure access.

    Step 3.png

  4. Selecting “Continue” under the “Directly via the API” option, will take you to the following page. From here you will see all API credentials, created under the account. For further information on API credentials, please see here.

    Step 4.png

  5. Please then select one or more API credentials to link to the mTLS certificate, similar to the below – where I have selected only 1 API credential to link.

    Once you have selected an API credential, the details will populate under the “mTLS Certificate Summary” sidebar on the right.

    You may now click “Continue”

    Step 5.png

  6. The following “Paste a CSR” page will be showing, which is where you need to generate a Certificate Signing Request (CSR) for your mTLS certificate.

    In order to create a CSR, please follow the guide here.

    Note. The CSR must be at least 2048 RSA key size.

    Step 6.png

  7. Please then paste your CSR in the box and select “Continue”
  8. You will now have your mTLS certificate.

    1. Please either click “Copy to Clipboard” or simply copy the mTLS certificate, and paste this into a text editor, saving this as a “.cer” file format.
    2. Please then click “Download ICA” which is the issuing CA certificate for your mTLS.

      Step 6.png

      You will then have the following files:

      Step 6.png

Congrats you have just created and downloaded your mTLS Certificate.

Your certificate should now be ready to use to authenticate into using the GlobalSign API.

For additional information on mTLS certificates, please check out our mTLS FAQs.

Related Articles

GlobalSign System Alerts

View recent system alerts.

View Alerts

Certificate Inventory Tool

Scan your endpoints to locate all of your Certificates.

Log In / Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.