Manualshelf

Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
919293949596979899100
94 | Onboard + WorkSpace Dell Networking W-ClearPass Guest 6.3 | User Guide
l To create a copy of a certificate authority configuration to use as a basis for a new certificate authority, click its
Duplicate link. The first page of the Certificate Authority Settings form opens with the identity, private key, and
self-signed certificate attributes prepopulated and "Copy" appended to the name. You can rename the new
certificate authority and edit any of its attributes.
l To delete a certificate authority, you can click its Delete link. You will be asked to confirm the deletion before it
commits.
l To see if the certificate authority is currently used, click its Show Usage link. The form expands to show a list of
provisioning sets that use the certificate authority.
l To view the trust chain for the certificate authority, click its Trust Chain link. The Certificate Authority Trust
Chain page opens. See "The Trust Chain and Uploading Certificates for the CA " on page 137.
l To view a list of certificates associated with the certificate authority, click its Certificates link. The Certificate
Management page opens. See
l To renew the certificate authority, click its Renew link. If it is an intermediate certificate authority, the Intermediate
Certificate Renewal page opens, where you can send a certificate signing request; see "Requesting a Certificate for
the Certificate Authority" on page 101. If it is a root certificate authority, the row expands to include the Root
Certificate Renewal option. Click the Renew Root Certificate button.
Renewing the certificate uses the same private key for the root certificate, but reissues the root CA certificate with
an updated validity period. This will maintain the validity of all certificates issued by the CA. When you renew a
certificate, you should distribute a new copy of the root certificate to all users of that certificate.
l To delete a certificate authority's client certificates, click its Delete Client Certificates link. The row expands to
include the Delete Client Certificates form. To confirm the deletion, you must mark the Reset the specified items
check box in the Confirm Reset field, then click the Delete Client Certificates button. Doing so will permanently
delete all client certificates for the certificate authority. This action cannot be reversed.
l To create a new certificate authority, click the Create new certificate authority link in the upper right corner. The
initial setup page of the Certificate Authority Settings form opens. See the next section, "Creating a New Certificate
Authority" on page 94.
Creating a New Certificate Authority
The first page of the Certificate Authority Settings form is used to create the Onboard certificate authority (CA) and to
configure some basic properties:
l Give it a name and description
l Specify root CA, intermediate CA, or local CA mode
l Configure the identity, private key, and self-signed certificate attributes