Importing Certificates Issued by a Third-Party CA (CTPView Server Menu)
To import certificates issued by a third-party CA:
- From the CTPView Configuration Menu, select 9) AAA Functions.
CTPView Configuration Menu Please choose a menu item from the following list: 0) Exit CTPView Configuration Menu 1) Security Profile 2) System Configuration 3) Port Forwarding 4) Advanced Functions 5) Backup Functions 6) PostgreSQL Functions 7) CTPView Access Functions 8) GRUB Functions 9) AAA Functions Please input your choice : 9
- From the AAA Menu, select 7) CAC/PKI Configuration.
AAA Menu Please choose a menu item from the following list: 0) Return to previous menu 1) SSH(1st) - CAC/PKI: Disabled 2) SSH(2nd) - RADIUS/RSA: Disabled, TACACS+: Disabled 3) SSH(3rd) - Local User/Pass: Enabled - Loc Acct 4) HTTPS(1st) - CAC/PKI: Disabled 5) HTTPS(2nd) - RADIUS/RSA: Disabled, TACACS+: Disabled 6) HTTPS(3rd) - Local User/Pass: Enabled - Loc Acct 7) CAC/PKI Configuration 8) RADIUS/RSA SecurID Configuration 9) TACACS+ Configuration Please input your choice : 7
- In the CAC/PKI Menu, select 4) Import Certificate.
CAC/PKI Menu Please choose a menu item from the following list: 0) Return to previous menu 1) Create CSR 2) Self-Sign CSR 3) List Certificates 4) Import Certificate 5) Display Certificate 6) Validate Certificate 7) Remove Certificate 8) List CRL's 9) Import CRL 10) Display CRL 11) Remove CRL Please input your choice : 4
- Enter the certificate filename. Make sure that the certificate
issued by the third-party CA is placed in the /tmp directory.
There are two catagories of certificates you may import. The first is the returned CSR certificate signed by a Signing CA. The second is the group of certificates which are in the chain Place the certificate (and root certificate of signing CA) you wish to import into the /tmp directory. Enter the certificate filename (Only <ENTER> to abort):
- Enter n if the certificate
being imported is not signed by the CTPView CA.
Is this the CTPView CA signed certificate for this server? [N] n
- Enter the root certificate filename of signing CA.
Enter the root certificate filename of signing CA(Only <ENTER> to abort):
- Press Enter to continue to the next step. The CAC/PKI menu is displayed.
- From the CAC/PKI Menu, select 5) Display Certificate. The imported certificate must be displayed in the list.