Filter
Top Products
Security
Managing certificates
The CRL can be imported as an ASN.1 DER encoded X.509 certificate revocation list
directly or as part of a PEM file.
Content and
file format Items carried in the file Description
ASN.1 DER encoded
X.509 certificate
One X.509 certificate This is the most basic format
supported, the certificate
without any envelope.
X.509 certificate in
PKCS #7 file
One X.509 certificate Popular format with Microsoft
products.
X.509 certificate in
PEM file
One or more X.509 certificates Popular format in the Unix
world. X.509 DER certificate is
base64 encoded and placed
between
"-----BEGIN CERTIFICATE-----"
and
"-----END CERTIFICATE-----"
lines. Multiple certificates can
be repeated in the same file.
ASN.1 DER encoded
X.509 CRL
One X.509 CRL Most basic format supported for
CRL.
X.509 CRL in PEM file One X.509 CRL Same format as X.509 certificate
in PEM format, except that the
lines contain BEGIN CRL and
END CRL.
Default CA certificates
The following certificates are installed by default:
SOAP API Certificate Authority: Before allowing a SOAP client to connect, the
service controller checks the certificate supplied by a SOAP client to ensure that it is
issued by a trusted certificate authority (CA).
Dummy Authority: Used by the internal RADIUS server. You should replace this with
your own CA certificate.
Note For security reasons, you should replace the default certificates with your own.
5-8