Certification Authorities

Certification Authorities are listed and managed in the Certification Authorities section. If you have multiple Certification Authorities, you can apply a filter to sort them.

details_hoverNOTE

Certification Authorities and certificates are accessed using the same permissions for the Certificates function. Certificates and authorities created during installation, and those created afterward by the administrator, are contained in the All static group. See the list of permissions for more information on access rights.

Actions > add_new_defaultNew  - Create a new Certification Authority

Actions > delete_default Delete - Delete the selected certification authority

Actions > import_default Import Public Key

Actions > export_default Export Public Key

Actions > move_default Access Group - A certification authority can be moved to another group to become available to users who have sufficient rights for this group.

Access Group Filter

The Access Group filter button allows users to select a static group and filter viewed objects according to the group where they are contained.

access_group

Add filter and filter presets

To add filtering criteria, click Add filter and select item(s) from the list. Enter the search string(s) into the filter field(s). Active filters are highlighted in blue.

Filters can be saved to your user profile so that you can use them again in the future. Under Presets the following options are available:

Filter sets - your saved filters, click one to apply it. The applied filter is denoted with a apply_default check mark. Select Include visible columns, sorting and paging to save these parameters to the preset.

add_new_defaultSave filter set - Save your current filter configuration as a new preset. Once the preset is saved, you can not edit the filter configuration in the preset.

edit_defaultManage filter sets - Remove or rename existing presets. Click Save to apply the changes to presets.

Clear filter values - Click to remove only the current values from the selected filters. Saved presets will remain unchanged.

Remove filters - Click to remove the selected filters. Saved presets will remain unchanged.

Remove unused filters - Remove filter fields with no value.

light-bulbEXAMPLE: How to divide access to certificates and authorities

If Administrator does not want to allow the user John to access ESMC Certification Authorities, but needs him to be able to work with certificates, the administrator has to follow these steps:

1.Create a new Static Group called Certificates.

2.Create new Permission set.

a.Name this permission set Permissions for certificates.

b.Add a group named Certificates in section Static Groups.

c.In the Functionality section, select Write for Certificates.

d.In the Users section, click icon_expand Native Users and select John.

e.Click Finish to save the permission set.

3.Move certificates from the All group to the newly created Certificates group:

a.Navigate to More > Peer Certificates.

b.Select the check boxes checkbox_ok next to the certificates you want to move.

c.Click Actions > move_default Access Group, select the Certificates group and then click OK.

Now, John is able to modify and use moved certificates. However, Certification Authorities are safely stored out of this user's reach. John will not be able even to use existing authorities (from group All) for signing any certificates.