Previous Topic: Export Certificate and Key DataNext Topic: Check Certificate Validity with CRLs


Certificate Authority (CA) Certificate Usage

The federation system uses Certificate Authority certificates to verify the following items:

A default set of common root and intermediate CA certificates are shipped with the product for these purposes.

Import a CA Certificate

A set of common root and intermediate CAs are included with the product. To use CA certificates that are not in the certificate data store, import them.

Any certificate that you import is treated as a CA certificate. The exceptions are self-signed certificates:

To import a CA certificate

  1. Log in to the Administrative UI.
  2. Select Infrastructure, X509 Certificate Management, Certificate Authorities.

    The Certificate Authorities List displays.

  3. Click Import New.

    The Import CA Certificate dialog displays.

    Note: Click Help for a description of fields, controls, and their respective requirements.

  4. Follow the wizard to import a new entry.
  5. At the Confirm step, review the certificate information and click Finish.

The CA certificate is imported into the certificate data store. The change takes place directly after the import is complete.

Important! You cannot delete a CA certificate that is part of a trust chain for other certificates in use on the system. If you try to delete a CA certificate in use, an error message states that the certificate cannot be deleted.