When do I use the Certificates tab?
The Certificates tab lists certificates not yet authenticated. This section must be used when:
- Data One SSL Client (all remote connections over SSL) connects to a server on SSL protocol. The exposed certificate and its chain (depending on the counterpart server) are saved in this repository only if not already trusted.
Warning!A successful Client Connection on SSL protocol requires the trust of the entire certification chain related to that protocol. A chain of trust cannot be completed without a trust anchor issued by a Certificate Authority.
For safety reasons, a remote SSL server is only allowed to send end-entity and intermediate certificates , but CA trust anchors must be provided separately. To complete the chain, you must manually import a secure and trustworthy CA trust anchor. Be careful to import only reliable and proved CA trust anchors as it is impossible to recognize fake certificates issued by a malicious CA once its certificate has been trusted. With great power comes great responsibility!
To import a certificate go to Setup → Trust Store → Certificates tab and click the IMPORT button. Once you have imported the CA trust anchor and trusted all intermediate and end-entity certificates, the Client Connection can be established successfully.
- Data One SSL Server (all servers exposed in SSL) receives a connection from a client over SSL protocol that requires client authentication. The certificate is saved in this repository only if not already trusted.
Updated about 1 year ago