When do I use the Certificates tab?

The Certificates tab lists certificates not yet authenticated. This section must be used when:

1. Data One SSL Client (all remote connections over SSL) connects to a server on SSL protocol. The exposed certificate and its chain (depending on the counterpart server) are saved in this repository only if not already trusted.

Warning!

A successful Client Connection on SSL protocol requires the trust of the entire certification chain related to that protocol. A chain of trust cannot be completed without a trust anchor issued by a Certificate Authority.

For safety reasons, a remote SSL server is only allowed to send end-entity and intermediate certificates , but CA trust anchors must be provided separately. To complete the chain, you must manually import a secure and trustworthy CA trust anchor. Be careful to import only reliable and proved CA trust anchors as it is impossible to recognize fake certificates issued by a malicious CA once its certificate has been trusted. With great power comes great responsibility!

To import a certificate go to Setup → Trust Store → Certificates tab and click the IMPORT button. Once you have imported the CA trust anchor and trusted all intermediate and end-entity certificates, the Client Connection can be established successfully.

2. Data One SSL Server (all servers exposed in SSL) receives a connection from a client over SSL protocol that requires client authentication. The certificate is saved in this repository only if not already trusted.