Deleting a trusted ca list profile, Signing certificate requests with a local ca, Viewing the certificates signed by a local ca – HP Secure Key Manager User Manual
Page 54: Downloading a local ca, Deleting a local ca, Creating a local ca, Creating a self-signed root ca, Creating an intermediate ca request
Deleting a trusted CA list profile
To delete a trusted certificate authority list profile:
1.
Log in to the Management Console as an administrator with Certificate Authorities access control.
2.
Navigate to the Trusted Certificate Authority List Profiles section of the Certificate and CA
Configuration page (Security > Trusted CA Lists).
3.
Select a profile and click Delete.
NOTE:
You cannot delete the default profile.
Signing certificate requests with a local CA
To sign certificate requests with a local CA:
1.
Generate a certificate request on the machine where the client application resides. If you are
signing a certificate for another SKM, then generate the certificate request on that machine. If you
are signing a certificate for a client application, the documentation that accompanies the client
application should explain how to create a new certificate request.
2.
Paste the certificate request generated by the client application into the certificate request field on
the Sign Certificate Request page.
3.
Set Certificate Purpose to Server if this certificate is used by an SKM; set the purpose to Client if this
certificate is used by a client application. The maximum duration for a certificate signed by a local
CA is determined by the value of the Maximum User Certificate Duration field for that CA.
4.
Click Sign Request. The SKM displays the newly signed certificate.
5.
Install the certificate on the client application or SKM. The certificate can now used to establish
SSL sessions.
Viewing the certificates signed by a local CA
To view all of the certificates signed by a local CA:
1.
Log in to the Management Console as an administrator with Certificate Authorities access control.
2.
Navigate to the Local Certificate Authority List section of the Certificate and CA Configuration
page (Security > Local CAs).
3.
Select a certificate authority and click Show Signed Certs to access the Signed Certificates section.
Alternatively, you can access the Signed Certificates section by using the Show Signed Certs button
on the CA Certificate Information section.
Downloading a local CA
To download a local CA:
1.
Log in to the Management Console as an administrator with Certificate Authorities access control.
2.
Navigate to the Local Certificate Authority List section of the Certificate and CA Configuration
page (Security > Local CAs).
3.
Select a certificate authority and click Download to download the CA to your local workstation.
Alternatively, you can download the certificate authority by using the Download button on the
CA Certificate Information section.
54
Performing configuration and operation tasks