User guide
Chapter 9: Security
87
Install a New Trusted Certificate Authority
To install a new trusted Certificate Authority (CA) to the SX, the CA
certificate must be on an accessible FTP server.
1. Select the Install Certificate Authority checkbox.
2. Fill in the data needed to retrieve the certificate from the FTP server.
3. Click OK to retrieve and install the CA certificate to the SX.
Remove a User-Added Certificate Authority
To remove a user-added CA from the SX:
1. Select the Remove Certificate Authority checkbox.
2. In the CA Name field, type the name that was specified when the CA
certificate was added.
3. Click OK to remove the certificate.
View a Certificate Authority
To view a CA:
1. Select the View Certificate Authority checkbox.
2. In the CA Name field, type the name of the CA you want to view.
3. Click OK to retrieve the list of CAs.
Manage the Client Certificate Revocation List (CRL)
The SX comes with VeriSign and Thawte CA certificates and CRLs
preinstalled. If a user adds a custom CA to the SX, a corresponding CRL
should be added to keep track of revoked certificates. For the CRL to be
automatically retrieved when it expires, it should be retrievable from a
web server to which the SX can connect.
Add a New Certificate Revocation List to the SX
To add a new CRL to the SX, the CRL list must be on an accessible FTP
server.
1. Select the Add Certificate Revocation List checkbox.
2. Fill in the fields to access the FTP Server.
The CRL Name field should match the name that was used to
add the CA.
The URL field should be the numeric dot notation of the IP
address of the HTTP server.
3. Click OK to add the CRL.