Crypto data

In Gallium Data, each project has a Crypto tab under Project, containing a Keys area and a Trust area. If the project contains connections that use SSL or TLS encryption, these areas will need to be filled.

However, it is also possible to use a key loader to load keys from outside sources -- see that documentation for details.

Note that any changes in the crypto entries for a project will reset all the connections for that project. In other words, if you make any changes to the Keys or Trust entries, and publish, all connections will be closed and re-opened.

Keys

The Keys area can contain a private key entry and a certificate entry for the private key.

The private key entry must be in PEM format, either in PKCS#1 format (starting with -----BEGIN RSA PRIVATE KEY-----) or in PKCS#8 format (starting with -----BEGIN PRIVATE KEY-----).

The certificate entry must also be in PEM format, starting with -----BEGIN CERTIFICATE-----.

Trust

The Trust area can contain one or more certificates (you may need more than one if there is a certificate chain).

Each certificate must be in PEM format, starting with -----BEGIN CERTIFICATE-----.

Comments

Keys and certificates are surrounded by their BEGIN/END markers. You can add comments outside of these markers. This is useful to keep track of what the keys and certificates are, when they expire, etc...