The certificates in your application configuration are RSA encryption keys. You need the private key to sign system user tokens in server-to-server applications and database mirroring.
The Developer Portal stores your public key. However, you must store the private key.
There can be only one client secret and only one certificate per environment. To replace a secret or certificate, first click the trashcan to remove the old value and then create a new.
In the Developer Portal, go to your app page.
To see the list of all apps:
- Select Apps from the top menu, or
- Go to your partner overview page.
Toggle Advanced and select Secrets and Certificates.
Click New Certificate.
Enter a description and expiration, and then click Add.
Expiration date is not enforced yet.
Store the private key somewhere safe! You can't look it up in the Developer Portal later.
Click Save Settings.
Request to publish the new configuration.