User guide

Chapter 9: Managing Trusted Servers
2. Click Remove.
Editing a Trusted Server Entry
You might need to change the trusted server configuration. For example, you might
want to change the setting from trusting any server with a valid certificate to just
one or a small set of domain names.
To edit an entry in the trusted servers list:
1. Select the entry from the Trusted Servers dialog.
2. Click Edit.
The Trusted Server Properties dialog appears. From this dialog, you can change the
server domain and select a different certificate. See the directions in “Adding a
Trusted Server Entry” on page 81.
Using the Advanced Method to Configure Trust
Use the advanced method for more detailed control over trust configuration. This
method displays the entire trust tree and shows trusted servers added using the
simple method and those added using the advanced method.
Each path through the trust tree defines a set of rules for matching a certificate
chain. See “Displaying a Trust Tree” on page 83. OAC trusts an authentication
server only if its certificate chain matches at least one path through the trust tree.
A path through the trust tree contains two or more nodes:
- Each top-level node is the certificate of a root or intermediate certificate authority.
- Each intermediate node (if present) is the name of an intermediate certificate authority in the chain.
- Each final or leaf node is the name of an authentication server that you trust.
The names of certificate authorities and servers might be specified as subject
names or as domain names. In addition, you can specify that the name in a
certificate must match the configured name exactly or that it must end in the
configured name.
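The following model of the path-matching rule described above is an added illustration, not OAC code. It assumes a chain is a list of (name, fingerprint) pairs with the server certificate first, that every certificate authority between the top-level node and the server has its own intermediate node, and that "ends in" is a plain string suffix comparison; signature validation is out of scope.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NameRule:
    name: str           # configured subject or domain name
    exact: bool = True  # False means "certificate name must end in `name`"

    def matches(self, cert_name):
        have, want = cert_name.lower(), self.name.lower()
        return have == want if self.exact else have.endswith(want)

@dataclass(frozen=True)
class TrustPath:
    ca_fingerprint: str        # top-level node: a root or intermediate CA certificate
    server: NameRule           # leaf node: trusted authentication server name
    intermediates: tuple = ()  # optional intermediate CA names, listed top-down

def chain_matches(chain, path):
    """chain: (name, fingerprint) pairs, server certificate first, root last."""
    anchor = next((i for i, (_, fp) in enumerate(chain)
                   if i > 0 and fp == path.ca_fingerprint), None)
    if anchor is None:
        return False                           # top-level CA certificate not in chain
    between = list(reversed(chain[1:anchor]))  # CAs below the anchor, top-down
    if len(between) != len(path.intermediates):
        return False                           # assumption: one node per CA in between
    if not all(rule.matches(name)
               for rule, (name, _) in zip(path.intermediates, between)):
        return False
    return path.server.matches(chain[0][0])

def is_trusted(chain, tree):
    # Trusted only if at least one path through the tree matches the chain.
    return any(chain_matches(chain, path) for path in tree)

# Constructed sample data (names and fingerprints are placeholders).
TREE = [
    TrustPath("fp-root", NameRule(".corp.example.com", exact=False),
              (NameRule("Example Issuing CA"),)),
    TrustPath("fp-issuing", NameRule("radius2.lab.example.com")),
]
GOOD = [("radius1.corp.example.com", "fp-srv1"),
        ("Example Issuing CA", "fp-issuing"), ("Example Root CA", "fp-root")]
OTHER_CA = [("radius1.corp.example.com", "fp-srv9"), ("Other CA", "fp-other")]
WRONG_NAME = [("radius1.corp.example.org", "fp-srv2"),
              ("Example Issuing CA", "fp-issuing"), ("Example Root CA", "fp-root")]

if __name__ == "__main__":
    for label, chain in (("good", GOOD), ("other CA", OTHER_CA), ("wrong name", WRONG_NAME)):
        print(label, is_trusted(chain, TREE))
```

Under the plain string comparison assumed in this model, a suffix rule of `example.com` also accepts `notexample.com`, while a rule that begins at a label boundary (`.example.com`) does not.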
Displaying a Trust Tree
To display the trust tree, click Advanced on the Trusted Servers dialog. The dialog
that appears enables you to navigate the trust tree and add certificates.
NOTE: If you do not understand certificates and certificate chains, do not attempt
to configure trust using the advanced method. Consult your network
administrator as to how to configure trusted servers.