Manualshelf

User guide

ManualsBrandsAtrust ManualsComputer equipmentM320
919293949596979899100
Odyssey Access Client Administration Guide
84 Using the Advanced Method to Configure Trust
Adding Certificate Nodes
To add a new certificate to the top level of the trust tree:
1. Click the Add Certificate button. The Select Certificate dialog appears.
2. Select a certificate from the list and click OK. You can select a certificate from
the list of intermediate or trusted root certificates.
To display detailed information about any certificate before you add it:
1. Select the certificate.
2. Click View on the Select Certificate dialog.
Adding Authentication Servers or Intermediate CA Nodes
All nodes below the top level identify either authentication servers or intermediate
Certificate Authorities (CAs). If the node is a leaf node, it is assumed to identify an
authentication server. Otherwise, it is assumed to identify an intermediate CA.
To add an authentication server or intermediate certificate authority to the tree,
follow these steps from the Trusted Servers dialog:
1. Select the node in the tree below which you want to add the new item.
2. Click Add Identity
in the Trusted Servers dialog. The Adding Identity dialog
appears. Fill it in according to the directions in “Adding Identity” on page 84.
3. Enter the information that defines the rules that OAC uses to match a
certificate in the server’s certificate chain to this node.
4. Click OK.
Adding Identity
When you click Add Identity in the Trusted Servers dialog, the Add Identity dialog
appears.
To set the matching rules for a single node in the trust tree from the Add Identity
dialog:
1. For Trust a server or intermediate CA with a valid certificate, select one of
the following:
Choose Regardless of its name to match any certificate, provided that it is
signed by the certificate authority in the node above.
Choose If its name matches the following name exactly to require that
the name in the certificate match the name that you specify.
Choose If its name ends with the following name to require that the
name in the certificate is subordinate to the name you specify. For
example, a certificate with name sales.acme.com would match an entry of
acme.com.