Yandex.Cloud
  • Services
  • Why Yandex.Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Yandex Certificate Manager
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Let's Encrypt® certificate
      • Create a certificate
      • Get the contents of a certificate
      • Domain rights check procedure
      • Renew a certificate
      • Edit a certificate
      • Delete a certificate
    • User certificate
      • Create a certificate
      • Get the contents of a certificate
      • Renew a certificate
      • Edit a certificate
      • Delete a certificate
    • Domain
      • Create a domain
      • Link a certificate to a domain
      • Update a domain description
      • Delete a domain
    • Backups
  • Concepts
    • Overview
    • Let's Encrypt® certificate
    • User certificate
    • Check rights for domain
    • Integration with Yandex.Cloud services
    • Quotas and limits
    • Domain
      • Overview
      • Integration of the domain management system with services from Yandex.Cloud
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • CertificateContentService
      • CertificateService
      • OperationService
    • REST
      • Overview
      • Certificate
        • Overview
        • create
        • delete
        • get
        • list
        • listAccessBindings
        • listOperations
        • requestNew
        • setAccessBindings
        • update
        • updateAccessBindings
      • CertificateContent
        • Overview
        • get
  • Questions and answers
  1. Concepts
  2. User certificate

User certificate

  • Certificate requirements
  • Renew a certificate

Certificate Manager lets you import certificates provided by third-party authorities and self-signed certificates. To import:

  • A self-signed certificate: Specify the certificate and its private key.
  • A certificate issued by a third-party certificate authority: Specify the certificate, its private key, and the intermediate certificate chain.

Supported cryptographic algorithms for creating private keys:

  • RSA-2048
  • RSA-4096

Certificate requirements

User certificate requirements:

  • The certificate must meet X.509 ver.3.

  • The certificate must contain the public key, website domain name, and publisher information.

  • You only import valid certificates.

    You can't import a certificate before it becomes valid or after its expiration date.

  • Make sure to decrypt the private key of the certificate.

    You can't import a private key that is password-protected.

  • Import the certificate, intermediate certificate chain, and private key in PEM-encoded format.

Renew a certificate

Certificate Manager doesn't manage user certificates. To make your certificate continuously available to your resources, be sure to renew it on time.

To renew a certificate:

  1. Get a new TLS certificate from a third-party certificate authority.

  2. Renew the certificate.

    All the resources that use the certificate will get its new version.

See also

  • Integration with Yandex.Cloud services
In this article:
  • Certificate requirements
  • Renew a certificate
Language
Careers
Privacy policy
Terms of use
© 2021 Yandex.Cloud LLC