ePO Certificate Authority (CA) ImportΒΆ

Prior to connecting DXL clients to the fabric, a Certificate Authority (CA) that is being used to sign DXL client certificates must be imported into ePO.

If you have not created the Certificate Authority (CA), please follow the steps outlined in the Certificate Files Creation (PKI) section.

The steps to import the CA certificate into ePO are listed below:

  1. Navigate to Server Settings and select the DXL Certificates (Third Party) setting on the left navigation bar.

    Note

    If using an older version of the DXL ePO Extensions, the Server Settings in the ePO console may have only a single option for all DXL certificates (titled "DXL Certificates"). Click that setting, and proceed with the rest of the steps in this guide as normal.

    _images/serversettings.png
  2. Click the Edit button in the lower right corner (as shown in the image above)

    _images/editdxlcerts.png
  3. Click the Import button in the Client Certificates section (as shown in the image above)

    _images/editdxlcerts-selectca.png
  4. Select the Certificate (For example, ca.crt) for the Certificate Authority (CA) that was created previously.

    See the Certificate Files Creation (PKI) section for information on creating a Certificate Authority (CA)

  5. Click the OK button in the lower right corner (as shown in the image above)

    _images/editdxlcerts-save.png
  6. Click the Save button in the lower right corner (as shown in the image above)

    The imported Certificate Authority (CA) information will propagate to the DXL brokers. This process can take several minutes to complete.