Filter
Top Products
Working with Certificates for the ETEPs
EncrypTight User Guide 279
The Certificate Requests view displays pending certificate requests for selected appliances. You can
manage certificate requests from the shortcut menu (view, delete, or install). Select a request from this
view to see its contents in detail, including the PEM-formatted certificate request.
● CRLs view
The CRLs view displays Certificate Revocation Lists installed on the selected appliances. You can
manage CRLs using the shortcut menu.
The Certificates view, Certificate Requests view, and the CRLs view provide the following options to
manage the contents of the view:
● Clear contents removes certificate information from the view. This action does not affect the
certificates or CRLs installed on an appliance. To clear the contents of the view, click .
● The Refresh action updates the certificate status for the appliances in the view. To refresh status, click
Refresh on the shortcut menu or click .
Certificate Manager Workflow
An important prerequisite to installing new certificates is identifying the certificate authority you plan to
use. Your organization may have a standard CA that everyone uses, or you may need to select one for
this particular security application. The information in this chapter assumes that you have established a
relationship with a certificate authority.
These are the typical tasks to perform to obtain and manage certificates:
1 Select a CA.
2 Obtain external certificates (CA certificate or certificates for other EncrypTight components).
3 Install external certificates.
4 Generate a certificate signing request and submit it to a CA.
5 Install the certificate.
Working with External Certificates
EncrypTight appliances use external certificates to validate communications from peers. An external
certificate can be a CA certificate or a copy of the peer certificate itself. A minimum of one external
certificate is required for peer authentication. You can install as many external certificates as are needed
to validate the peers that communicate securely with the EncrypTight appliance.
Related topics:
● “Obtaining External Certificates” on page 279
● “Installing an External Certificate” on page 280
Obtaining External Certificates
If you plan to use a CA certificate as an external certificate you need to obtain one from a CA or use a
CA certificate provided by your company. If you plan to use peer certificates as external certificates, you
must install the identity certificate of each peer that will be communicating with the appliance.