Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Manage Certificate Authority Group

 

About Certificate Authority Group Page

You are here: Administration > Certificate Management > Trusted Certificate Authority.

Multiple CA profiles can be grouped in one trusted CA group for a given topology. The ca-group can be used either in SSL or IPSec.

SSL forward proxy ensures secure transmission of data between a client and a server. Before establishing a secure connection, SSL forward proxy checks certificate authority (CA) certificates to verify signatures on server certificates. For this reason, a reasonable list of trusted CA certificates is required to effectively authenticate servers.

Table 1 provides the details of the fields of the Certificate Authority Group Page.

Table 1: Fields on Certificate Authority Group Page

Field

Description

Group Name

Displays a Name for the CA profile group.

CA Profiles

Displays the name of CA profiles.

Used For

Displays whether the CA profile group is used for IPsec VPN or for SSL proxy.

You can perform the following tasks:

  • Import a CA group to manually load the CA group. See Import Trusted CA Group.

  • Add a CA group. See Add a CA Group.

    Note

    You can group up to maximum of 20 CA profiles in a single trusted CA group. A minimum of one CA profile is a must to create a trusted CA group.

  • Edit a CA group. See Edit a CA Group.

  • Delete a CA group. See Delete CA Group.

  • Search for text in a CA group table. See Search Text in Certificate Authority Group Table.

  • Filter the CA group information based on select criteria. To do this, select the filter icon at the top right-hand corner of the table. The columns in the grid change to accept filter options. Type the filter options; the table displays only the data that fits the filtering criteria.

  • Show or hide columns in the CA group table. To do this, use the Show Hide Columns icon in the top right corner of the page and select the options you want to show or deselect to hide options on the page.

Import Trusted CA Group

To import a trusted CA group:

  1. Select Administration > Certificate Management > Certificate Authority Group.
  2. Click Import.

    The Import Trusted CA Group page appears.

  3. Complete the configuration according to the guidelines provided in Table 2.
  4. Click OK to import the CA group.

    You are taken to the Certificate Authority Group page. If the CA group content that you imported is validated successfully, a confirmation message is displayed; if not, an error message is displayed.

    After importing a CA profile group, you can use it when you create a SSL proxy.

Table 2: Fields on the Import Trusted CA Group Page

Field

Action

CA Group Name

Enter the name of a CA group.

File path for CA Group

Click Browse to navigate to the path from where you want to import the CA group.

Note: Only .pem format is supported.

Add a CA Group

To add a CA group:

  1. Select Administration > Certificate Management > Certificate Authority Group.
  2. Click the add icon (+).

    The Add CA Group page appears.

  3. Complete the configuration according to the guidelines provided in Table 3.
  4. Click OK to save the changes. If you want to discard your changes, click Cancel instead.

    If you click OK, a new CA group with the provided configuration is created.

    After added a CA group, you can use it for IPSec VPN.

Table 3: Fields on the Add CA Group Page

Field

Action

CA Group Name

Enter an unique CA group name.

CA Profiles

Select a CA profile name from the list in the Available column and then click the right arrow to move it to the Selected column.

Note: You can add up to maximum of 20 CA profiles per trusted CA group.

Edit a CA Group

To edit a CA group:

  1. Select Administration > Certificate Management > Certificate Authority Group.
  2. Select a CA group.
  3. On the upper right side of the Certificate Authority Group page, click the pencil icon.

    See Table 3 for the options available for editing on the Edit CA Group page.

  4. Click OK

Delete CA Group

To delete a CA group:

  1. Select Administration > Certificate Management > Certificate Authority Group.
  2. Select a CA group.
  3. On the upper right side of the Certificate Authority Group page, click the delete icon to delete.

    A confirmation window appears.

  4. Click Yes to delete.

Search Text in Certificate Authority Group Table

You can use the search icon in the top right corner of a page to search for text containing letters and special characters on that page.

To search for text:

  1. Enter partial text or full text of the keyword in the search bar and click the search icon.

    The search results are displayed.

  2. Click X next to a search keyword or click Clear All to clear the search results.