Importing CAs into the trusted CA store
You can import third-party signed certificates and certificate chains into the SCC CA service using the Trusted CA Store page.
SSL certificate verification requires a complete chain of certificates. Using the Trusted CA Store page you can import third-party signed certificates and certificate chains into the SCC CA service. You can also import root certificates separately or together as a chain.
The Trusted CA store displays a list of trusted CA stored in a secure vault that are used to verify end-user CAs that are imported into the SCC.
Whether the SCC CA is root CA or intermediate CA, completely depends on how the SCC CA certificate is signed:
• If SCC CA certificate that is being imported is self-signed then the SCC CA acts as a root CA.
• If SCC CA certificate is signed by any other CA, then the SCC CA acts as an intermediate CA.
You have these options for importing intermediate CAs:
• Add the CA’s public certificate to the Trusted CA Store page and import the end-user certificate from the SCC Certificate Authority page.
• Import the complete chain of the certificate from SCC Certificate Authorities page. The end-user certificate must be the first certificate in the chain.
To import a CA into the Trusted CA Store
1. Choose Administration > Security: Trusted CA Store to display the Trusted CA Store page.
2. Click + Import New Certificate to expand the page.
3. Complete the configuration as described in this table.
Control | Description |
Optional Local Name | Optionally, specify the name of the trusted CA store. |
Local File | Select this option and browse to the local file. |
Cert text | Select this option to copy and paste the certificate authority. |
Add | Adds the certificate authority to the trusted CA store. |
The certificate appears in the CA list.