View and enable signing certificates
Icons on the list
| Icon | Description |
|---|---|
|
Certificate or key has expired but will continue to be used |
|
Certificate or key has not failed any validity checks and can be used |
 /  |
Enabled certificate A digital means of proving your identity. When you send a digitally-signed message, you are sending your certificate and public key. Certificates are issued by a certification authority and can expire or be revoked. / Disabled certificate |
|
Public certificate |
 /  |
Certificate has a private key The secret key kept on the sender's computer that the sender uses to digitally sign messages to recipients and to decrypt messages from recipients. Private keys should be password protected. / Certificate does not have a private key |
View details for a certificate
- Navigate to System > Encryption > Certificate Store.
- Select the Certificate Authorities tab.
- Select a certificate in the list.
- Click View.
Enable or disable a certificate
- Navigate to System > Encryption > Certificate Store.
- Select the Certificate Authorities tab.
- Select a certificate in the list.
- Click Enable or Disable.
- Apply the configuration.
|
A disabled Root CA or sub-CA certificate will not be available for use when verifying a TLS connection or for signature verification. Disabling a certificate prohibits the use of an untrusted Root CA or sub-CA certificate and stops any subsequent attempts to re-import the untrusted certificate. However, deleting an untrusted certificate could result in it being re-imported again in the future. |
|
If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > Configuration > Apply Configuration. See Apply new configuration for more information. If you use |