> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Client Certificates

> Upload client certificates for mutual TLS authentication when PCI Booking connects to your payment gateway.

Some third parties require certificate-based authentication (mutual TLS) when connecting to their APIs. PCI Booking can present a client certificate on your behalf when forwarding requests via [Token Replacement in Request](/use-tokens/token-replacement-in-request) or [Tokenization on Response](/capture-cards/tokenization-on-response).

Upload your certificates to PCI Booking, then reference them by name in your [target profiles](/account-setup/target-profiles).

## Uploading a Certificate

1. Log in to the [PCI Booking portal](https://users.pcibooking.net).
2. Navigate to **PCI Shield Settings** > **Client Certificate**.
3. Provide the following:

| Field                     | Description                                                                   |
| ------------------------- | ----------------------------------------------------------------------------- |
| **Certificate file**      | The certificate file in `.cer` or `.pfx` format.                              |
| **Certificate name**      | A reference name you will use when configuring profiles and gateway requests. |
| **Installation password** | The password associated with the certificate file.                            |

4. Submit. The certificate appears in your list and is available for use across your account.

## Managing Certificates

From the same screen you can view all uploaded certificates and delete any that are no longer needed.

## Where Certificates Are Used

* **[Target Profiles](/account-setup/target-profiles)**. Assign a client certificate to a profile for mutual TLS with a specific third party.
* **[Universal Payment Gateway](/use-tokens/universal-payment-gateway)**. Some PSPs require client certificates for API authentication.

## Next Steps

<CardGroup cols={2}>
  <Card title="Target Profiles" icon="book" href="/account-setup/target-profiles">
    Configure profiles that use client certificates
  </Card>

  <Card title="Security Settings" icon="book" href="/account-setup/security-settings">
    Other account-level security configurations
  </Card>
</CardGroup>
