User Access Manager Help >> Operation Guide >> User Access Policy >> Service Parameters >> Certificate >> Certificate Verification

Certificate Verification

Perform this task to verify certificates.

Operation Procedure

1. Click the User tab, and then select User Access Policy > Service Parameters > Certificate from the navigation tree to display the certificate configuration page.
2. Click Certificate Verification.
3. Select and upload certificate files to be verified.
4. Click OK.

Precautions

• INC supports the following certificate formats: PEM (Base64 encoded, .pem or .cer), DER (DER encoded, .der or .cer), and PKCS12 (PKCS 12 encoded, .pfx, or .p12). If a .pfx certificate file is used, the private key file cannot be in PVK format. Do not store the certificate and private key in the same DER file.

Parameters

• Root Certificate File: A CA certificate file signed by the CA that contains public key owner information and public key. A root certificate is mainly used to verify the validity of the server certificate and client certificate that the root certificate has issued. A CA certificate can be generated by a third party CA, or through deploying a Windows 2003 certificate server.
• Server Certificate File: Certificate that installed on the server. It can provide server identity and public key information for clients. A certificate can be used with a public key to perform information exchange between a server and client, and implement data encryption.
• Private Key File of Server Certificate: It contains private key information corresponding to the public key of the server certificate. The private key information can be used to decrypt data that has been encrypted using the public key of the server certificate. Common CA servers can export server certificates and private key files to a file and provide the password for decryption. The extension name of such files can be PFX or P12.
• Password of Server Private Key: A password is required when you export the server certificate and server certificate key separately. It is used to protect the private key file. To import the server certificate key file successfully, you also need to enter this password. This password is the one for protecting the server certificate key.
• Client Certificate: Certificate that installed on the client. A certificate can be used with a public key to perform information exchange between a server and client, and implement data encryption.
• Private Key File of Client Certificate: It contains private key information corresponding to the public key of the client certificate. The private key information can be used to decrypt data that has been encrypted using the public key of the client certificate. Common CA servers can export client certificates and private key files to a file and provide the password for decryption. The extension name of such files can be PFX or P12.
• Client Certificate Key Password: A password is required when you export the client certificate and client certificate key separately. It is used to protect the private key file. To import the client certificate key file successfully, you also need to enter this password. This password is the one for protecting the client certificate key.