cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1768
Views
10
Helpful
4
Replies

How to add trusted CA to SMA?

guibarati
Level 4
Level 4

I need the SMA to trust an internal CA so I can use secure LDAP for end user quarantine access but I can't find anywhere how to add a trusted CA to the SMA database. Is there a way to do it?

4 Replies 4

I'm pretty sure it's in the CLI, you have to use certconfig to do it...




I don't see an option to configure a new trusted CA on the certconfig option.

Maybe the only option is to use an internal certificate on the SMA and upload the certificate chain? 

I'm pretty sure that's what you'll need to do, I can't find good docs on it...



I've already got an enhancement request in for them go to steal the cert management code/UI from the WSA team because they got it right and the SMA cert management is a joke.




It's been a while using an internal or odd-ball public cert, but maybe the question should be
- does the SMA have any Trust store / perform any validation.

I generally configure the cert and inter via certconfig.
Not the root.

This has been for internal and public certs.
On the ESAs, I add custom internal roots into its Trust store, but no roots on the SMAs.
Never thought about it, so would guess the SMA is not bothered. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: