| Configuring the Security Features | 204
Managing the Trusted Certificates List
When the system serves as a TLS client and requests a TLS connection with a server, the system should
verify the server certificate sent by the server to decide whether it is trusted based on the trusted
certificates list.
About this task
The trusted certificates list contains the default and the custom certificates.
• Default Certificates: The system has 36 built-in trusted certificates.
• Custom Certificates: You can upload up to 10 trusted certificates with the size of no more than 5M to
the system. The format of the CA certificates must be .pem, .cer, .crt and .der.
Procedure
1. On your web user interface, go to Security > Trusted Certs.
2. Configure and save the following settings:
Parameter Description Configuration Method
Only Accept Trusted
Certificates
Enable or disable the system
only trusting the server
certificates in the trusted
certificates list.
Note: the default value is On.
If it is disabled, the system can
connect to the server no matter
whether the certificate send by
the system is valid or not.
If it is enabled, the system
will authenticate the server
certificate based on the trusted
certificates list. Only when the
authentication succeeds, will the
system trust the server.
If you change this parameter, the
system will reboot to make the
change take effect.
Web user interface
Common Name Validation
Enable or disable the system
to mandatorily validate
the CommonName or
SubjectAltName of the server
certificate sent by the server.
This security verification rules are
compliant with RFC 2818.
Note: the default value is Off.
If you change this parameter, the
system will reboot to make the
change take effect.
Web user interface
To Next Page
Loading...
