McAfee MAP-3300-SWG Product Guide - Page 258
Certificate ID, Subject, Issuer, Expires, Delete, Export, Import Certificate, and Key, Option
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 258 highlights
Overview of System features Certificate Management Certificates typically have a lifetime of several months or years, so they do not need to be managed often. When requesting that your TLS certificates be created, McAfee recommends that you include the hostname and the IP address for the appliance that will be decrypting the TLS-encrypted email. If your appliance is part of a cluster, and is configured in Transparent Router or Explicit Proxy mode, ensure that you include the virtual hostname and virtual IP address for your cluster, rather than one of the physical IP addresses. Import the trusted Certificates Authorities and certificates from the participating organizations before you begin TLS configuration. RSA keys can be used both for encryption and for signing. DSA keys can be used for signing only. Table 254 Option definitions Option Certificate ID Subject Issuer Expires Delete View Export Import Certificate and Key Definition Displays the name of the certificate. Displays details about the certificate. Displays the certificate-issuing authority such as Thawte or Verisign. Displays the certificate's expiry date, such as May 05 2010 12:15:00. When clicked, deletes the selected certificate. When clicked, displays details of the selected certificate, such as its version, issuer, and public key. When clicked, opens another window, where you can choose to export the certificate or a complete certificate chain, and specify the certificate format. The file name extension is typically CRT. When clicked, opens another window where you can select a file. The imported certificate can be in one of these formats: • Binary (or DER-encoded) certificate file • PEM (Base64) encoded certificates • Binary PKCS#12 file • PEM-encoded PKCS#12 file To import a password-protected certificate, type the passphrase to unlock the private key. The appliance stores the decrypted certificate in a secure internal location. The appliance only verifies the certificate, and makes it available to use, after you click to apply your changes: Description of the icons Icon Description Certificate is valid Certificate is invalid. For example, the certificate has expired. 258 McAfee Email and Web Security Appliances 5.6.0 Product Guide