Certificated-Based Authentication

Certificate-Based authentication uses client certificates for establishing a mutually authenticated SSL session between the client (you) and the server (Rhombus). Below is a basic flow (with some examples commands) for generating certificate-based API keys.

1. openssl req -out rhombus_client.csr -new -newkey rsa:4096 -nodes -keyout rhombus_client.key -subj "/C=US/ST=California/L=Sacramento/O=Rhombus Systems/CN=Client Name"
   a. Replace the C, ST, L, O, and CN values with the appropriate values for your organization
2. Navigate to https://console.rhombussystems.com/settings/api-management/ and click “Add API Token”
3. Enter a name and paste the contents of the file “rhombus_client.csr” in the Certificate Signing Request field
4. The certificate will show up as “Pending” until it has been signed, which may take up to 24 hours.
5. Once the API Token shows up as Active, you can download:
   a. Signed Certificate – by clicking the “Download” text
   b. API Key - A 22 character (alphanumeric) string under the header “API Key”