Profile Settings

The profile settings page allows you to manage basic account information, change your password, and configure API access keys for programmatic access to anssl services.

Accessing Settings

Visit the Profile Settings page.

Account Information

View Account Information

The top of the page displays your basic account information:

Email Address: Email used for login and receiving notifications
Registration Date: Account creation date
Account Status: Current account status (Active/Restricted)

Change Password

Regularly changing your password helps protect your account security.

Enter Current Password

Enter your current password in the “Current Password” field
Set New Password

Enter your new password in the “New Password” field

Password requirements:
- At least 8 characters
- Contains uppercase and lowercase letters
- Contains numbers
- May contain special characters
Confirm New Password

Re-enter your new password in the “Confirm Password” field
Submit Changes

Click the “Change Password” button to complete the change

API Access Keys

API access keys allow programmatic access to the anssl API for automated certificate management.

What are Access Keys?

An access key is a pair of credentials containing an Access Key ID and Secret Key:

Access Key ID: Public key identifier
Secret Key: Private key content, displayed only once upon creation

Create Access Key

Click the “Create Key” button in the “API Access Keys” section
The system generates a new access key pair
Immediately copy and save the Secret Key

This is the only opportunity to view the complete Secret Key
Save the key securely in a password manager or environment variable

Using Access Keys

Use access keys in your application to call the anssl API:

# Set via environment variables
export ANSSL_ACCESS_KEY_ID="your_access_key_id"
export ANSSL_SECRET_KEY="your_secret_key"

// Use in code
const client = new AnSSLClient({
  accessKeyId: process.env.ANSSL_ACCESS_KEY_ID,
  secretKey: process.env.ANSSL_SECRET_KEY
});

Rotate Access Keys

For enhanced security, it’s recommended to rotate access keys regularly:

Create a new access key
Update your applications with the new key
Verify the new key works correctly
Delete the old access key

Delete Access Key

If a key is compromised or no longer needed:

Find the corresponding key in the key list
Click the “Delete” button
Confirm the deletion

Security Best Practices

Password Security

✅ Use strong passwords (containing uppercase, lowercase, numbers, and special characters)
✅ Change passwords regularly (recommended every 3-6 months)
✅ Don’t use the same password across multiple sites
✅ Use a password manager to generate and store passwords
❌ Don’t share your password with others
❌ Don’t save passwords on public devices

API Key Security

✅ Store keys in environment variables or key management systems
✅ Rotate keys regularly (recommended every 90 days)
✅ Create different keys for different applications
✅ Delete unused keys promptly
❌ Don’t hard-code keys in source code
❌ Don’t commit keys to version control systems
❌ Don’t output keys in logs

Account Security Monitoring

The system monitors abnormal account activities:

Logins from unusual locations
Frequent password change attempts
Abnormal API calling patterns
Multiple failed authentication attempts

If suspicious activity is detected, the system will:

Send security notifications to your email
Potentially restrict account access temporarily
Require identity re-verification

FAQ

What if I forget my password?

Click “Forgot Password” on the login page to reset your password via email verification.

How many access keys can I create?

Each account can create up to 5 active access keys. To create more, delete unused keys first.

Do API keys have usage limits?

Access keys themselves don’t expire, but regular rotation is recommended. API calls have rate limits - see API documentation for details.

What if my key is compromised?

Immediately delete the compromised key and create a new one. Check for unauthorized API call records.