Filter
Top Products
Working with the M111
Managing certificates
3-41
Certificate and private key store
This list displays all certificates installed on the M111. The M111 uses these certificates and
private keys to authenticate itself to peers.
The following information is displayed for each certificate in the list:
ID: A sequentially assigned number to help identify certificates with the same common
name.
Issued to: Name of the certificate holder. Select the name to view the contents of the
certificate.
Issued by: Name of the CA that issued the certificate.
Current usage: Lists the services that are currently using this certificate.
Delete: Select to remove the certificate from the certificate store.
Installing a new private key/public key certificate chain pair
The certificate you install must:
Be in PKCS #12 format.
Contain a private key (a password controls access to the private key).
Not have a name that is an IP address. The name should be a domain name containing at
least one dot. If you try to add a certificate with an invalid name, the default certificate is
restored.
The name in the certificate is automatically assigned as the domain name of the M111.
X.509 certificate in
PEM file
One or more X.509 certificate Popular format in the Unix
world. X.509 DER certificate is
base64 encoded and placed
between
"-----BEGIN CERTIFICATE-----"
and
"-----END CERTIFICATE-----"
lines. Multiple certificates can be
repeated in the same file.
ASN.1 DER encoded
X.509 CRL
One X.509 CRL Most basic format supported for
CRL.
X.509 CRL in PEM file One X.509 CRL Same format as X.509 certificate
in PEM format, except that the
lines contain BEGIN CRL and
END CRL.
Content and
file format
Items carried in the file Description