Mutual authentication profiles and LDAP authentication profiles that rely on a secure LDAP server both require that the trusted root of their associated CAs be imported to the appliance. For more information, see Using Mutual (Certificate-Based) Authentication and Using LDAP Authentication.
When creating these profiles, you will be required to access the Import Trusted Root dialog box and copy in the appropriate trusted root file.
To create a trusted root file, do the following:
In the Imported Filename field, type a path and filename for the trusted root file.
The filename can contain up to eight alphanumeric characters and a .DER extension. The appliance automatically appends the .DER extension if you don't include it.
IMPORTANT: Be sure you use a unique filename for each .DER file. The appliance overwrites files without warning if you use duplicate filenames.
Remember that Excelerator is not case-sensitive, so MyCert.DER and mycert.der are, effectively, the same filename.
The path must be a directory path that already exists. You cannot create directories on the appliance.
If you want to list your trusted root files later, use an FTP-accessible directory, such as SYS:\ETC\PROXY\DATA, as the path. Otherwise, you won't be able to list the files. For a list of FTP-accessible directories, see Functionality Limitations of the Appliance's Mini FTP Server.
If you don't include a path with the filename, Excelerator creates the file at the root of the SYS: volume. You cannot see the root of the SYS: volume using FTP.
Using a text editor on your configuration workstation, open the .DER file for the Certificate Authority > select the file contents > paste the contents to the clipboard.
To obtain .DER files, contact a Certificate Authority vendor.
Return to the Import Trusted Root dialog box > paste the clipboard contents into the text box above the OK and Cancel buttons.
Click OK.