Create Trusted Certificate Authority elements

If you want to use a certificate signed by a certificate authority that is not one of the default Trusted Certificate Authority elements, you must create a new Trusted Certificate Authority element.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to Administration.
  2. Browse to Certificates > Certificate Authorities > Trusted Certificate Authorities.
  3. Right-click Trusted Certificate Authorities, then select New Trusted Certificate Authority.
  4. In the Name field, enter a unique name.
    Note: No other fields on the General tab can be edited. The fields are filled in automatically based on the information contained in the certificate that you import.
  5. On the Certificate tab, import a certificate.
    1. Click Import.
    2. Browse to the certificate, then click Open.
    3. Click OK.
  6. Click OK.

Next steps

To use the Trusted Certificate Authority element in a TLS Profile element, create or modify the TLS Profile element.

Trusted Certificate Authority Properties dialog box

Use this dialog box to configure settings for a Trusted Certificate Authority element.

Option Definition
General tab
Name The name of the element.
Subject Name The identifier of the certified entity.
Public Key Algorithm The public key algorithm that was used to sign the certificate.
Key Length The length of the key in bits.
Serial Number The sequence number of the certificate. The number is issued by the CA.
Signature Algorithm The signature algorithm that was used to sign the certificate.
Signed by The CA that signed the certificate.
SubjectAltName The alternative subject name of the certified entity.
Valid From Shows the start date of certificate validity.
Valid To Shows the end date of certificate validity.
Fingerprint (SHA-1) Shows the certificate fingerprint using the SHA-1 algorithm.
Fingerprint (SHA-256) Shows the certificate fingerprint using the SHA-256 algorithm.
Fingerprint (SHA-512) Shows the certificate fingerprint using the SHA-512 algorithm.
Validity time Shows the length of time that the certificate is valid.
Option Definition
Certificate tab
Export Opens a file browser to export a certificate file.
Import Opens a file browser to import a certificate file.
Option Definition
Validation tab
Check Validity on Certificate-Specified CRLs When selected, the validity of the certificate is checked on a certificate revocation list.
Additional CRL Servers Shows the selected CRL servers.
Add Adds a CRL server to the Additional CRL Servers list.
  • Manual Server Address — Manually type the address in a dialog that opens.

Trusted CA Tag Properties dialog box

Use this dialog box to view the details of the Trusted CA Tag element.

Option Definition
Name The name of the element.
Comment

(Optional)

 A comment for your own reference.