User's Manual 132 Document #: LTRT-89730
Mediant 3000
11.6 Importing Certificates and Certificate Chain into
Trusted Certificate Store
The device provides its own Trusted Root Certificate Store. This lets you manage
certificate trust. You can add up to 20 certificates to the store per TLS Context (but this
may be less depending on certificate file size).
The trusted store can also be used for certificate chains. A certificate chain is a sequence
of certificates where each certificate in the chain is signed by the subsequent certificate.
The last certificate in the list of certificates is the Root CA certificate, which is self-signed.
The purpose of a certificate chain is to establish a chain of trust from a child certificate to
the trusted root CA certificate. The CA vouches for the identity of the child certificate by
signing it. A client certificate is considered trusted if one of the CA certificates up the
certificate chain is found in the server certificate directory.
Figure 11-8: Certificate Chain Hierarchy
For the device to trust a whole chain of certificates per TLS Context, you need to add them
to the device's Trusted Certificates Store, as described below.
Note: Only Base64 (PEM) encoded X.509 certificates can be loaded to the device.
 To import certificates into device's Trusted Root Certificate Store:
1. Open the TLS Contexts page (Configuration tab > System menu > TLS Contexts).
2. In the table, select the required TLS Context index row, and then click the TLS
Context Trusted Root Certificates button, located below the table; the Trusted
Certificates page appears.
To Next Page
Loading...
Need help?
General
