Manualshelf

Connectivity Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
81828384858687888990
86 | Onboard + WorkSpace Dell Networking W-ClearPass Guest 6.2 | User Guide
MD5 is not recommended for use with root certificates.
12. Click Create Certificate Authority.
l If you selected root mode, the root certificate is included in the Certificate Authorities list.
l If you selected intermediate mode, the Intermediate Certificate Request page opens with text for the certificate
signing request (CSR). You can send the CSR to a certificate authority, who will generate a signed certificate
you can install. See "Requesting a Certificate for the Certificate Authority" on page 88.
l If you selected imported mode, the Certificate Authority Certificate Import form opens, where you can upload
the digital certificates and private key to the server. See"Installing a Certificate Authoritys Certificate " on page
88.
Editing Certificate Authority Settings
You can edit some properties of a certificate authority after you create it, and configure some attributes that were not
included on the setup form.
To edit a certificate authority:
1. Go to Onboard + WorkSpace >Initial Setup > Certificate Authorities, click the certificate to expand its row, and
click its Edit link. The Certificate Authority Settings form opens.
2. You may edit the certificate's Name. The certificate should have a short name that identifies it clearly. Certificate
authority names can include spaces.
3. You may edit the Description. Briefly describe the CA. This description is shown in the Certificate Authorities list.
The Name and Description fields are used internally to identify this certificate authority for the network
administrator. These values are never displayed to the user during device provisioning.
4. The certificate's Mode cannot be edited after creation.
5. In the Certificate Issuing area, specify one of the following options in the Authority Info Access drop-down list to
control automatic certificate revocation checks:
l Do not include OCSP responder URL The Authority Info Access extension is not included in the client
certificate. Certificate revocation checking must be configured manually on the authentication server. This is the
default option.
l Include OCSP responder URL The Authority Info Access extension is added to the client certificates, with
the OCSP responder URL set to a predetermined value. This value is displayed as the “OCSP URL”.