Own Certificate Authorities

Conbool allows you to create and manage your own certificate authorities (CAs) to issue self-signed certificates internally.
This is particularly useful for test environments, isolated systems, or organizations that want to build an internal chain of trust.

Create Your Own CA

1. Open S/MIME → Certificate Authority icon in the menu.
2. Select "Own MPKI".
3. Press "+".
4. Fill in general information and cryptographic settings.
5. Confirm the creation.
   The new CA then appears in the overview and can be used for certificate issuance.

Issue Certificates with Your Own CA

1. Select the certificate authority icon again in the S/MIME section.
2. Select the previously created own CA.
3. Click "Open".
4. Click "+".
5. Enter email address, name, password, and validity period.
6. The certificate is issued immediately and is available in the system.

Usage and Limitations

• Self-signed certificates are not automatically recognized as trusted by external recipients.
• For internal communication within the same tenant or with trusted partners, they can be used without any issues.
• Own CAs can be exported if needed (root certificate in .cer format) to install them in clients or gateways.

Recommended:
Use internal CAs only for tests, internal communication, or isolated systems.
For productive, external communication, official certificates via SwissSign or D-Trust should be used.