Manage certificates

To manage the Secure Sockets Layer (SSL) certificates of the system, you can use the certificate management function. The system provides one-stop certificate lifecycle management, realizes trusted identity authentication and secure data transmission, and simplifies certificate management.

SSL is a security protocol that provides security and data integrity for network communication. SSL protocol operates between TCP/IP protocols and various application layer protocols. It encrypts network connection between the transport layer and the application layer. SSL has been widely used in identity authentication and secure data transmission between Web browsers and servers.

An SSL certificate is a server digital certificate issued by a trusted root certificate authority. SSL certificates use SSL protocol for communication. After an SSL certificate is deployed to the system, users' access to the system, and data transmission or user identity authentication on the system will use HTTPS. Thus, encrypted connection is established between users and the system, securing data transmission over the Internet.

The default SSL certificate is provided in the system. You can replace it with customized certificates.

View the default certificate

You can perform this task to view the serial number, effective time, expiration time, email, certificate authority, and other information of the default certificate.

1. On the top navigation bar, click System.

2. From the left navigation pane, select System Settings > Security Settings > Certificate Management.

Import certificates

You can perform this task to replace the default certificate with customized certificates and key file. The replacement takes about 15 s, during which the system is unavailable.

1. On the top navigation bar, click System.

2. From the left navigation pane, select System Settings > Security Settings > Certificate Management.

3. Click Import, and then click the  icon to select the local certificate or file to be imported.

4. Click OK.

The system will automatically verify the root certificate resolution (if any), the service certificate resolution, and the validity of the certificate.

• If the verification failed, the system prompts invalid certificate format.

• If the verification succeeded, the information of the imported certificates is displayed, including certificate authority and effective time. Click OK to complete import.

5. Refresh the page to check the imported certificates.

Revoke a certificate

You can perform this task to revoke the customized certificates and key file so as to restore the default certificate. The replacement takes about 15 s, during which the system is unavailable.

1. On the top navigation bar, click System.

2. From the left navigation pane, select System Settings > Security Settings > Certificate Management.

3. Click Revoke.

4. Click OK.

Download a certificate or key file

You can perform this task to download the root certificate (if any), service certificate, and key file locally.

1. On the top navigation bar, click System.

2. From the left navigation pane, select System Settings > Security Settings > Certificate Management.

3. Click Download Root Certificate, Download Service Certificate, or Download Key File.