About the trusted CA store
Trusted CA store settings are under Administration > Security: Trusted CA Store. There, you can import signed certificates and certificate chains from trusted third-party CAs into the SCC CA service, and you can update the trusted root store by clicking Update in the SSL Certificate Authorities Update section.
SSL certificate verification requires a complete chain of certificates. You can import root certificates separately or together as a chain.
The Trusted CA store displays a list of trusted CA certificates stored in a secure vault that are used to verify end-user CAs that are imported into the SCC.
Whether the SCC CA is root CA or intermediate CA, completely depends on how the SCC CA certificate is signed:
• If SCC CA certificate that is being imported is self-signed then the SCC CA acts as a root CA.
• If SCC CA certificate is signed by any other CA, then the SCC CA acts as an intermediate CA.
You have these options for importing intermediate CAs:
• Add the CA’s public certificate to the trusted store, and then import the end-user certificate from the SCC Certificate Authority page.
• Import the complete chain of the certificate from SCC Certificate Authorities page. The end-user certificate must be the first certificate in the chain.