Replacing a default Certificate Authority bundle
The Certificate Authority (CA) bundle is required when using Web Authentication (SSO). You must upload a list of PEM-encoded X.509 public certificates for each root and intermediate Certificate Authority in the chain in order for clients to be successfully verified.
To replace a default CA
- From the main menu, click the Administration icon.
The Administration page opens.
- In the Security section, click HTTPS .
- On the HTTPS Configuration page, click Upload in the CA Certificates row.
- Click Browse next to CA Certificate Bundle File and select the certificate bundle returned by the certificate signing authority.
- Click Apply.
The new certificate bundle is uploaded.
If you are using Microsoft Certificate Services, you must use the Download CA certificate chain option with Base 64 encoding. This produces a PKCS #7 encoded file (.p7b) that is automatically converted to the correct format during the upload.