Understanding CAs
Certificate Authorities (CAs) are entities that issue digital certificates. SCM supports both public and private CAs.
CAs are represented by a root CA and one or more issuing CAs:
-
The root CA is the top-level CA in the hierarchy and is responsible for signing the certificates of the issuing CAs.
-
The issuing CAs are responsible for signing the certificates of the end entities.
In SCM, you can do the following:
-
Create and manage private CAs for existing private CA backends.
-
Download CA certificates for available public and private CA backends.
| For more information on CA backends, see Understanding CA backends. |
CAs can be managed on the CAs page.
The following table describes the controls on the CAs page.
| Control | Description |
|---|---|
Name |
The name of the private CA. |
Trial Mode |
Indicates whether the private CA is in trial mode. |
Subject |
The subject field of the private CA certificate. |
Key Type |
The type of algorithm used for certificate encryption. |
Signature |
The type of signature algorithm used for signing the certificate. |
State |
The state of the private CA. The most common values are:
|
Serial Number |
The unique serial number of the private CA certificate. |
Expires |
The expiration date of the private CA certificate. |
Parent Issuer |
The parent CA that issued the private CA certificate. |
Table controls |
|
Filter |
Enables you to sort the table information using custom filters. |
Refresh |
Refreshes the information presented in the table. |
Manage Columns |
Enables you to select which table columns to display. |
Admin controls |
|
Select CA backend |
Expands the list of available private and public CA backends. |
Add |
Opens the Request Trial CA dialog where you can request a new trial private CA. |
Delete |
Deletes the selected root private CA. |
Download Certificate |
Downloads the certificate of the selected CA. |
Revoke |
Revokes the selected issuing private CA. |