Participants in a Public-Key Infrastructure (PKI) scheme use root certification authorities and other intermediate certification authorities to determine the trustworthiness of an identity certificate. These certification authorities are collectively known as trust anchors or trusted certificates.
System Manager certificate management supports the following tasks on the trusted certificate of a service:
View: Provides details, such as subject, issuer, key size, fingerprint, and expiry date of the certificate that a service uses.
Add: A service may require to communicate with another service outside the deployment PKI of Avaya Aura®. For example, for a service to gain access to a remote database or a directory service which presents an identity certificate signed by a commercial CA, include the certificate of the CA in the list of trusted certificates of the service.
You can add a certificate to a trusted certificate store of the service in the following encodings:
You can also get a certificate from an SSL socket or from the built-in certificate store.
Export: Trust Management supports exporting the selected certificate from the list of trusted certificates to a PEM formatted file.
Delete: When you do not need a service to participate in an external PKI hierarchy, the administrator can remove the trusted certificate from the trusted certificate store of the service. For example, when CA changes, you do not require the existing CA.
