Managing Certificate Authorities

A certificate authority (CA) is a trusted entity that issues digital certificates that verify a digital entity’s identity. Digital certificates are an integral part of secure communication and play an important part in the public key infrastructure (PKI). Certificates typically include the public key, the expiration date of the certificate, the owner's name and other information about the certificate owner. Operating systems (OSes) and browsers maintain lists of trusted CA root certificates to verify the identity and validity of certificates that a CA has issued and signed. Certificate Authorities are enabled by the System Administrator.

To add a certificate

1. Click the Add button on the Trusted Certificate Authorities page. The Trusted Certificate Authorities window appears.

2. Add a name for your certificate by entering a name. Decide how you want the user login extracted and select from:

   • Principal Name from Subject Alternate Name

   • RFC 822 Name Subject Alternate Name

   • User Name from Subject

3. Choose the CA Chain by selecting the Browse button and selecting the certificate chain.

   The uploaded file must contain all certificates required to establish chain trust from a user certificate. If chain trust verification requires intermediate authorities, package all required certificates in p7b format, and upload the p7b file. The p7b file should contain all intermediate authorities chaining up to a root authority.

4. Click Save.

To edit a certificate

1. Select the certificate you wish to edit, click the Actions button, and drill-down to select Modify.

2. The Trusted Certificate Authorities window appears. Edit the fields that you want to change.

3. Click Save.

To delete a certificate

1. Choose the certificate you want to delete, click the Actions button, and drill-down to select Delete.

2. A window appears asking if you are sure you want to delete the certificate. Click Yes and delete the certificate.