Trusted Root Certificate Authorities

If you have configured File Director to securely connect to services such as LDAP or SQL using a private certificate authority (CA), the root certificate must be added to the Manage trusted root certificate authorities dialog within File Director.

Adding the certificate enables validation of the certificate signature. The validation of trusted CAs and the ability to configure secure LDAP communication for Active Directory was introduced in File Director 2020.1.

Notes:

  • Adding a trusted CA is required only for a private or internal CA; it is not required for a commonly trusted (public) CA.
  • To enable a secure connection for Microsoft AD, when you download the root certificate for your CA, select the Base 64 encoding option.
  • Changes made to CAs will replicate to all nodes within a cluster and result in a File Director service restart.

Add a Certificate Authority

  1. In the File Director Admin console, select Configuration > SSL Certificate > Manage trusted root certificate authorities.
  2. Click Add CA
    to display the Add Trusted CA dialog is displayed.
  3. As prompted within the dialog, paste the CA root certificate in PEM format (refer to note above, regarding AD Certificate Services).
  4. Click Add CA.
    The Add Trusted CA dialog closes and the validity of the certificate is checked.
  5. Accepted certificates are listed. to display the certificate property Common Name (Subject CN), and the expiry date (Expiration date).

Remove a Certificate Authority

  1. In the Manage trusted root certificate authorities dialog, click the listed certificate you wish to remove.
    The Remove Trusted CA dialog opens.
  2. Certificate contents can be viewed.
    Click Remove CA to remove the certificate, or click Cancel.

    Refer to note above; changes made to CAs will result in a File Director service restart.

Related topics

E.g. Private CA certificate