RUCKUS One allows you to add a Certificate
Authority (CA) responsible for issuing and signing certificates within your tenant, helping
to enhance security, simplify certificate administration, and ensure compliance with
industry standards.
Complete the following steps to a
Certificate Authority:
From the navigation bar, select
Network
Control > Policies &
Profiles.
The Policies
& Profiles page is displayed.
In the Policies &
Profiles page, click Certificate
Template.
The Certificate
Template page is displayed. By default, the
Certificate tab is displayed.
Select the Certificate
Authority tab.
The Certificate
Authority page is displayed. Viewing the
Certificate Authority The Certificate Authority page displays the list of
CA including:
Name: Displays the name of the CAs.
Templates: Displays the number ofcertificate
templates using the CA.
Common
Name: Displays the common name of the CA.
SHA
Fingerprint: Displays the unique identifier created by
the SHA algorithm applied during CA creation.
Expires: Displays the expiration date of the
CA.
On the upper right-hand corner of the Certificate
Authority page, click Add Certificate
Authority.
The Add Certificate Authority page is
displayed.Adding a Certificate Authority
Complete the following:
Select one of the following methods for CA:
Generate New Certificate Authority: Creates
a new root certificate authority by generating new keys.
Generate New Intermediate Certificate
Authority: Creates an intermediate certificate
that is subordinate to an existing CA.
Upload Existing Root or Intermediate Certificate
Authority: Imports the public and optionally the
private key of an existing certificate authority.
Create
Intermediate CA: This option can be configured only if
you select Generate New Intermediate Certificate
Authority method.
Certificate Authority: Select a CA
from the drop-down.
Create Root CA: Provide the CA
information.
Note: The common name of the root CA is the
publicly-visible name. It is recommended to include "Root CA" or
"Intermediate CA" along with a version number such as "Sample Corp
Root CA I".
For Certificate Authority Name, enter the
name of the CA.
For Common Name, enter a domain name.
For
Description, enter a brief
description.
Validity
Period: Certificate authorities are normally valid for 20
years. The default start date is backdated one month to avoid potential
system clock issues.
Start
Date: Click the calendar to pick up a start date.
By default, current date is selected.
Expiration Date: Click the calendar to
set a date for expiration.
CA Strength: The following properties determine the strength of the
certificate authority.
Keylength: Configure the key length by
dragging the slider. The valid range is from 2048 through 4096.
Note that the key length does not apply to certificates
generated by Chromebook Enrollment or from
Certificate Signing Requests (CSRs), which are manually
added.
Algorithm: Select an algorithm from
the drop-down: SHA-256,
SHA-384, or
SHA-512.
CA Properties: The following properties are
embedded into the CA. Many organizations have guidelines specifying
exactly what these values need to be.
Organization: Enter the name of the
organization.
Organization Unit: Enter the name of
the unit or department.
Email Address: Enter the email address of
the organization.
Title: Enter the title.
Locality: Enter the name of the
locality.
State: Enter the name of the
state.
Country: Enter the name of the
country.
Upload CA: This option is available only if you have
selected the Upload Existing Root or Intermediate Certificate
Authority method.
Imports the public and optionally the private key of an existing
certificate authority.Uploading a CA
Complete the following:
Public Key: Drag and drop the Public Key file from
your local drive or click Browse to select a
file and upload.
Private Key: Drag and drop the Private Key file
from your local drive or click Browse to select
a file and upload.
Private Key Password: Enter the password for the
private key.
