Filter
Top Products
Working with the M111
Managing certificates
3-40
Trusted CA certificate store
This list displays all CA certificates installed on the M111. The M111 uses the CA certificates
to validate the certificates supplied by administrators accessing the M111 management tool.
Multiple CA certificates can be installed to support validation of certificates issued by
different CAs.
The following information is displayed for each certificate in the list:
ID: A sequentially assigned number to help identify certificates with the same common
name.
Issued to: Name of the certificate holder. Select the name to view the contents of the
certificate.
Current usage: Lists the services that are currently using this certificate.
CRL: Indicates if a certificate revocation list is bound to the certificate. An X.509
certificate revocation list is a document produced by a certificate authority (CA) that
provides a list of serial numbers of certificates that have been signed by the CA but that
should be rejected.
Delete: Select to remove the certificate from the certificate store.
Installing a new CA certificate
1. Specify the name of the certificate file or select Browse to choose from a list. CA
certificates must be in X.509 or PKCS #7 format.
2. Select Install to install a new CA certificate.
CA certificate import formats
The import mechanism supports importing the ASN.1 DER encoded X.509 certificate directly
or as part of two other formats:
PKCS #7 (widely used by Microsoft products)
PEM, defined by OpenSSL (popular in the Unix world)
The CRL can be imported as an ASN.1 DER encoded X.509 certificate revocation list
directly or as part of a PEM file.
Content and
file format
Items carried in the file Description
ASN.1 DER encoded
X.509 certificate
One X.509 certificate This is the most basic format
supported, the certificate
without any envelope.
X.509 certificate in
PKCS #7 file
One X.509 certificate Popular format with Microsoft
products.