Reference7:Certificate management: Difference between revisions
Jump to navigation
Jump to search
m (→Trust list) |
|||
Line 8: | Line 8: | ||
== Trust list == | == Trust list == | ||
To establish a TLS connection, the certificate of the server or of the issuing CA must be trusted. Therefore each client maintains a list of trusted certificates. | |||
[[Image:Certificate_trustlist.png|thumb|Certificate trustlist GUI]] | [[Image:Certificate_trustlist.png|thumb|Certificate trustlist GUI]] | ||
Line 18: | Line 18: | ||
=== Installing a certificate from a file === | === Installing a certificate from a file === | ||
* | * Select a certificate file. | ||
* Press the "Upload" button. | |||
* Take a look at the certificate details and check wheather the SHA1 and MD5 fingerprints match with the values published by the certificate owner. | * Take a look at the certificate details and check wheather the SHA1 and MD5 fingerprints match with the values published by the certificate owner. | ||
Line 25: | Line 26: | ||
=== Removing certificates from the trust list === | === Removing certificates from the trust list === | ||
* Select the items to remove using the check boxes and press the | * Select the items to remove using the check boxes and press the "Remove" button. | ||
* Open TLS connections using these certificates will not be closed. | * Open TLS connections using these certificates will not be closed. | ||
Revision as of 16:26, 27 March 2008
Supported features
File formats
There are two commonly used file formats for certificates:
- DER (Distinguished Encoding Rules) is a binary encoding. A typical file extension would be .crt.
- PEM (Personal E-Mail) uses only printable characters and therefore allows for easy use with e-mail.
Trust list
To establish a TLS connection, the certificate of the server or of the issuing CA must be trusted. Therefore each client maintains a list of trusted certificates.
Certificate details
Click the subject name to view the details of a trusted certificate.
Installing a certificate from a file
- Select a certificate file.
- Press the "Upload" button.
- Take a look at the certificate details and check wheather the SHA1 and MD5 fingerprints match with the values published by the certificate owner.
Installing a certificate that was rejected before
See section "Rejected certificates".
Removing certificates from the trust list
- Select the items to remove using the check boxes and press the "Remove" button.
- Open TLS connections using these certificates will not be closed.
Download
You can download a certificate from the trust list in PEM and DER format by clicking the corresponding link.