Managing Users and Security
Managing Certificates
Makito User’s Guide, v2.1.0, Issue 01
150
Managing Certificates
NOTE
The
C
ERTIFICATES
page is only accessible to administrators.
The
C
ERTIFICATES
page shows the list of Identity and CA certificates installed on the
Makito.
•
An Identity Certificate identifies the Makito during the authentication process when
trying to establish a TLS connection in Audit or HTTPS session startup. Its Common
Name or Alternate Subject Names must match the encoder’s IP address and/or its
FQDN (Fully Qualified Domain Name) if DNS is used.
•
A CA Certificate is normally a root certificate from a certificate authority that is
generally widely known and trusted. CA Certificates are stored on the encoder so they
can be used to authenticate CA-signed certificates from audit servers. You will need to
import the root certificate from the CA that signed the certificate of the configured
remote audit server. It is also recommended to import the root certificate of the CA that
signed your Makito identity certificate in order to increase your list of trusted root
certificates.
From the
C
ERTIFICATES
page, you can generate, import, view, and delete Identity Certifi-
cates, as well as select the default Identity Certificate. You can also import, view, and delete
CA Certificates.
To manage system certificates:
1.
Click
S
ECURITY
from the main menu, and then click
C
ERTIFICATES
from the submenu.
The
C
ERTIFICATES
page opens as shown in the following example.