Managing Lists of Certificate Authorities
The appliance uses stored trusted certificate authorities to verify a certificate from a remote domain to establish the credentials of the domain. You can configure the security management appliance to use the following trusted certificate authorities:
-
System list- The appliance has a pre-installed list of trusted certificate authorities. This is called the system list.
-
Custom list- You can customize a list of trusted certificate authorities, and then import the custom list into the appliance.
Note | You can use either the system list or the customized list, or both to verify certificate from a remote domain. |
Manage the lists using the Network > Certificates > Edit Certificate Authorities page in the GUI or the certconfig > certauthority command in the CLI.
On the Network > Certificates > Edit Certificate Authorities page, you can perform the following tasks:
-
Choose whether or not to use the system list. You can enable or disable the system list. For more information, see Disabling the System Certificate Authority List.
-
Choose whether or not to use a custom certificate authority list. You can enable the appliance to use a custom list and then import the list from a text file. For more information, see Importing a Custom Certificate Authority List .
-
Export the list of certificate authorities. You can export either the system or customized list of certificate authorities to a location in your local drive. For more information, see Exporting a Certificate Authority List.
On the Network > Certificates > Manage Trusted Root Certificates page, you can perform the following tasks:
-
View the custom and system list of certificates. For more information, see Displaying Trust Root Certificate.
-
Delete an existing certificate. You can delete a custom certificate that you have imported. For more information,see Deleting Custom Certificate