Import Certificates and Trustpoints

A certificate links identity information with a public key enclosed in the certificate. Each certificate is digitally signed by a trustpoint. The trustpoint signing the certificate can be a certificate authority, corporation or individual. A trustpoint represents a CA/identity pair containing the identity of the CA, CA-specific configuration parameters and an association with an enrolled identity certificate.

Use this procedure to optionally import a certificate or trustpoint.

  1. Go to Devices and select a device.
  2. Select the Certificates tab.
  3. Select the Manage Certificates tab.
  4. Select and configure the parameters as described in Import Trustpoint Parameters.
    Table 1. Import Trustpoint Parameters
    Parameter Description
    Trustpoint Details
    Trustpoint Type

    Select the type of trustpoint to be imported. Options include:

    • Import – Select to import any trustpoint.
    • Import CA – Select to import a Certificate Authority (CA) certificate.
    • Import CRL – Select to import a CRL (Certificate Revocation List). CRLs are used to identify and remove installed certificates that have been revoked or are no longer valid. A certificate can be revoked if the CA had improperly issued a certificate, or if a private key is compromised. The most common reason for revocation is that the user no longer has sole possession of the private key.
    • Import Signed Cert – Select to import a self-signed certificate.
    Trustpoint Name Enter the name (up to 32 characters) assigned to the target trustpoint. The trustpoint signing the certificate can be a certificate authority, a corporation, or an individual.
    Location of Trustpoint
    Path/File Specify the path to the trustpoint file. Enter the complete relative path to the file on the server.
  5. Select OK to import the target trustpoint.
9037761-04 Rev AB