User's Manual
98 | Onboard Dell Networking W-ClearPass Guest 6.4 | User Guide
l To create a copy of a certificate authority configuration to use as a basis for a new certificate authority, click
its Duplicate link. The first page of the Certificate Authority Settings form opens with the identity, private
key, and self-signed certificate attributes prepopulated and "Copy" appended to the name. You can rename
the new certificate authority and edit any of its attributes.
l To delete a certificate authority, you can click its Delete link. You will be asked to confirm the deletion
before it commits.
l To see if the certificate authority is currently used, click its Show Usage link. The form expands to show a
list of provisioning sets that use the certificate authority.
l To view the trust chain for the certificate authority, click its Trust Chain link. The Certificate Authority Trust
Chain page opens. See "The Trust Chain and Uploading Certificates for the CA " on page 128.
l To view a list of certificates associated with the certificate authority, click its Certificates link. The Certificate
Management page opens. See "Certificate Management (View by Certificate) " on page 115.
l To renew the certificate authority, click its Renew link. If it is an intermediate certificate authority, the
Intermediate Certificate Renewal page opens, where you can send a certificate signing request; see
"Requesting a Certificate for the Certificate Authority" on page 105. If it is a root certificate authority, the
row expands to include the Root Certificate Renewal option. Click the Renew Root Certificate button.
Renewing the certificate uses the same private key for the root certificate, but reissues the root CA
certificate with an updated validity period. This will maintain the validity of all certificates issued by the CA.
When you renew a certificate, you should distribute a new copy of the root certificate to all users of that
certificate.
l To delete a certificate authority's client certificates, click its Delete Client Certificates link. The row
expands to include the Delete Client Certificates form. To confirm the deletion, you must mark the Reset
the specified items check box in the Confirm Reset field, and then click the Delete Client Certificates
button. Doing so will permanently delete all client certificates for the certificate authority. This action
cannot be reversed.
l To create a new certificate authority, click the Create new certificate authority link in the upper right
corner. The initial setup page of the Certificate Authority Settings form opens. See the next section,
"Creating a New Certificate Authority" on page 98.
Creating a New Certificate Authority
The first page of the Certificate Authority Settings form is used to create the Onboard certificate authority (CA)
and to configure some basic properties:
l Give it a name and description
l Specify root CA, intermediate CA, or local CA mode