Generating Certificates

You can use a self-signed certificate generated in Salesforce or a certificate signed by a certificate authority (CA). To generate a certificate for a callout:

  1. From Setup, enter Certificate and Key Management in the Quick Find box, then select Certificate and Key Management.
  2. Select either Create Self-Signed Certificate or Create CA-Signed Certificate, based on what kind of certificate your external website accepts. You can’t change the type of a certificate after you’ve created it.
  3. Enter a descriptive label for the Salesforce certificate. This name is used primarily by administrators when viewing certificates.
  4. Enter the Unique Name. This name is automatically populated based on the certificate label you enter. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Use the Unique Name when referring to the certificate using the Force.com Web services API or Apex.
  5. Select a Key Size for your generated certificate and keys. We recommend that you use the default key size of 2048 for security reasons. Selecting 2048 generates a certificate using 2048-bit keys and is valid for two years. Selecting 1024 generates a certificate using 1024-bit keys and is valid for one year.
    Note

    Note

    Once you save a Salesforce certificate, you can’t change the key size.

  6. If you’re creating a CA-signed certificate, you must also enter the following information. These fields are joined together to generate a unique certificate.
    Field Description
    Common Name The fully qualified domain name of the company requesting the signed certificate. This is generally of the form: http://www.mycompany.com.
    Email Address The email address associated with this certificate.
    Company Either the legal name of your company, or your legal name.
    Department The branch of your company using the certificate, such as marketing or accounting.
    City The city where the company resides.
    State The state where the company resides.
    Country Code A two-letter code indicating the country where the company resides. For the United States, the value is US.
  7. Click Save.

After you successfully save a Salesforce certificate, the certificate and corresponding keys are automatically generated.

After you create a CA-signed certificate, you must upload the signed certificate before you can use it. See “Uploading Certificate Authority (CA)-Signed Certificates” in the Salesforce online help.

Previous
Next