Dell Powerconnect W-ClearPass Hardware Appliances W-ClearPass Guest 6.0 Deploy - Page 90

6. Click the Upload Certificate button to save your changes. If additional certificates are required, you will remain at the same page. Check the message displayed above the form to determine which certificate or type of file must be uploaded next. When the trust chain is complete, it will be displayed. This completes the initialization of the certificate authority. Renewing the Certificate Authority's Certificate When a root certificate is close to expiration, it must be renewed. Navigate to Onboard> Certificate Authority Settings and click the Renew Root Certificate link. The Root Certificate Renewal form is displayed. Select an option in the Renewal Type drop-down list: l Basic Renewal - Uses the same private key for the root certificate, but reissues the root CA certificate with an updated validity period. Use this option to maintain the validity of all certificates issued by the CA. l Replacement Renewal - Generates a new private key for the root certificate, and reissues the root CA certificate with an updated validity period. Use this option if the root certificate has been compromised, or if you want to invalidate all certificate that were previously issued by the CA. Whether you renew or replace the root certificate, you should distribute a new copy of the root certificate to all users of that certificate. Click the Renew Root Certificate button to perform the renewal action. Configuring Data Retention Policy for Certificates The data retention policy for certificates and certificate requests can be configured by navigating to Onboard > Certificate Authority Settings and clicking the Configure data retention link. The Manage Data Retention form is displayed. 90 | Renewing the Certificate Authority's Certificate Dell Networking W-ClearPass Guest 6.0 | Deployment Guide