McAfee EPOCDE-AA-BA Product Guide - Page 59
Uploading server certificates, Enable Certificate Based Authentication
View all McAfee EPOCDE-AA-BA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 59 highlights
Configuring advanced server settings Authenticating with certificates 7 Task 1 Click Menu | Configuration | Server Settings. 2 Select Certificate Based Authentication and click Edit. 3 Click Browse next to CA certificate for client certificate (P7B, PEM). 4 Navigate to and select the certificate file, then click OK. 5 If you have a Certificate Revoked List (CRL) file, click Browse next to this edit box, navigate to the CRL file, and click OK. 6 Click Save to save all changes. 7 Restart ePolicy Orchestrator to activate certificate authentication. Uploading server certificates Servers require certificates for SSL connections providing increased security than standard HTTP sessions. Before you begin To upload a signed certificate, you must have already received a server certificate from a Certificate Authority (CA). It is possible to create self-signed certificates instead of using externally signed ones, though this carries slightly higher risk. This task can be used to initially configure certificate-based authentication, or modify an existing configuration with an updated certificate. Task For option definitions, click ? in the interface. 1 Click Menu | Configuration | Server Settings. 2 Select Certificate Based Authentication and click Edit. 3 Select Enable Certificate Based Authentication. 4 Click Browse next to CA certificate for client certificate (PKCS7, PEM encoded, DER encoded, or PKCS12 file with extension like .cer, .crt, .pem, .der, .p12, .p7b). Navigate to and select the certificate file and click OK. 5 If you have provided a PKCS12 certificate file, enter a password and alias name as appropriate. 6 If you want to provide a Certificate Revoked List (CRL) file, click Browse next to Certificate Revoked List file (PEM) . Navigate to and select the CRL file and click OK. The CRL file must be in PEM format. 7 Click Save to save all changes. 8 Restart the server to enable the Certificate Based Authentication settings changes. Removing server certificates Server certificates can and should be removed if they are no longer used. Before you begin The server must already be configured for certificate authentication before you can remove server certificates. McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide 59