Manualshelf

User`s guide

ManualsBrandsDigi ManualsComputer equipmentTS 8 MEI
151152153154155156157158159160
Digi device administration
152
X.509 Certificate/Key Management
The X.509 Certificate/Key Management pages are for loading and managing X.509 certificates
and public/private host key pairs that are public key infrastructure (PKI) based security. There are
separate pages of settings for the certificate databases and key management.
Certificate Authorities (CAs) / Certificate Revocation Lists (CRLs)
The Certificate Authority (CA) database is used to load certificate authority digital certificates.
A certificate authority (CA) is a trusted third party which issues digital certificates for use by other
parties. Digital certificates issued by the CA contain a public key. The certificate also contains
information about the individual or organization to which the public key belongs. A CA verifies
digital certificate applicants' credentials. The CA certificate allows verification of digital
certificates, and the information contained therein, issued by that CA.
The Certificate Revocation List (CRL) database is used to load certificate revocation lists for
loaded CAs. A certificate revocation list (CRL) is a file that contains the serial numbers of digital
certificates issued by a CA which have been revoked, and should no longer be trusted. Like CAs,
CRLs are a vital part of a public key infrastructure (PKI). The digital certificate of the
corresponding CA must be installed before the CRL can be loaded.
Upload Certificate Authority Certificates and Certificate Revocation Lists: Use this
section to upload certificate authority (CA) certificates, or certificate revocation list
(CRL) files. Files may be in ASN.1 DER or PEM Base64 encoded formats.
Installed Certificate Authority Certificates: Lists any certificate authority certificates
that are loaded in the Certificate Authority database.
Installed Certificate Authority Certificate Revocation Lists: Lists any certificate
authority certificate revocation lists that are loaded in the Certificate Revocation List
database.
Obtain CA certificates from a SCEP Server: Use this section to specify the SCEP
server from which CA certificates should be obtained. Note: Certificates must be
accepted by the operator to be used for any purpose.
Installed SCEP Certificate Authority Certificates: Lists any Simple Certificate
Enrollment Protocol (SCEP) certificate authority certificates that are installed.