Certificates Management

The Certificates Management module for Sysdig Secure provides a simple interface for administrators to create, upload, update, or delete the certificates that are used for content exported from the Sysdig environment.

Specifically, it:

  • Optimizes the secure handling of certificates
  • Supports .csr flows
  • Provides a UI for certificate management
  • Adds support for client-side certificates in the events forwarder

At this time, the feature is for Sysdig Secure SaaS only, and is integrated with the appropriate event forwarding options:

Kafka authentication is handled through a different mechanism.

Access the Certificates Management Page

  1. Log in to Sysdig Secure as admin and navigate to Settings from the user profile.

  2. Select Certificates Management.

  3. Continue with creating a certificate.

Create a Certificate

Follow the steps below to generate a certificate.

Once you’ve created a certificate, you can assign the certificate to the event forwarding integrations.

Generate a CA-Signed Key and Cert

You must have a signed key and certificate from a Certificate Authority (CA), a step that your organization may already have done. If not, follow these steps:

  1. Generate the CA key:

    openssl genrsa -out ca.key 4096

  2. Generate the CA certificate, setting the expiration to 10 years from now:

    openssl req -x509 -new -nodes -key ca.key -sha256 -days 1825 -out ca.pem

You will be prompted to provide details to populate the certificate information. Be as thorough as possible. Save the resulting ca.pem file.

Obtain the Certificate Signing Request (CSR)

The Certificates Management UI streamlines the process of obtaining a certificate-signing request (CSR).

  1. Log in to Sysdig Secure as Admin and select Settings > Certificates.

  2. Click Upload Certificate or click the three-dot menu and select New CSR.

Upload the .pem in the Sysdig UI

  1. Return to Settings > Certificates and select Upload Certificate.

  2. Assign the certificate a meaningful name.

  3. Click Upload and Create.

    The certificate will appear in the certificates list and can be applied as needed.

Apply Certificate to Event Forwarding

  1. Log in to Sysdig Secure as an administrator and select Integrations > Notification Channels.

  2. Choose an existing or new integration for Splunk, Syslog, or Webhook.

  3. Select the correct uploaded certificate from the Certificate field and Save.

Manage Certificates

Check Where Certs Are Used

Each certificate shows in how many places it is used. Click that number to go to each integration using that certificate.

Remove a Certificate

To remove a certificate, first make it unused. Open each integration using the certificate and either remove it from the integration or remove the whole integration itself.

When the certificate is no longer used, you can remove it.

Update a Certificate

To update a certificate, add a completely new certificate and update the integrations to use it instead of the old one. Then you can remove the old one.