Operations | << | >> |
---|
A certificate trust list enables organizations to establish trust with other organizations so users can verify the digital signature of messages sent by users in other trusted organizations.
Use the Certificate Trust List property page to view other organizations that are currently certified on your Microsoft Exchange Server and to import certificates from outside of your organization. A certificate binds a public key to a particular certification authority.
Importing certificates from another certification authority allows you to establish trust with another organization.
Use the Certificate Trust List property page to import a certificate from another organization. Importing certificates requires multiple administrator passwords if multiple password policies are set.
Option | Description |
---|---|
Import a certificate | Imports a certificate from another organization to the KM server. The certificate should be a .Crt file from a CA. You should have already received this certificate file from an outside organization. |
Import a CRL | Imports a CRL to the KM server. The CRL contains a list of clients from a trusted organization that no longer hold valid security keys. It consists of the serial number of the certificate and the revocation date of the certificate. CRLs can be sent to you by e-mail or published on a Web page. |
File name | Type the name of the file that contains the certificate or CRL you want to import. |
A certificate from another certifying authority is trusted when you import it to your organization. You can use the Certificate Trust List property page to untrust or remove an imported certificate. Untrusting a certificate removes the trust placed in the certificate when it was imported. Removing a certificate deletes the certificate from your system but does not remove the trust placed in it. If you remove a certificate, you cannot untrust it later. Untrusting or removing certificates requires multiple administrator passwords if multiple password policies are set.
Option | Description |
---|---|
Untrust certificate | Ensures you have a record of certificates that are untrusted from your KM server because the certificates are no longer valid. |
Remove certificate | Removes the certificate from the KM server but does not add it to your CRL. Use this option with caution because a removed certificate cannot be untrusted. It is recommended that you use the Untrust certificate option to remove its trust, and then use the Remove certificate option to delete the certificate from your system. |
You can view the name, issuer, and expiration date of certificates that have been imported from other organizations and are trusted on your KM server. Use the Certificate Trust List property page to view the attributes of a certificate.
Property Page | Description |
---|---|
General | Shows the validity of a certificate. |
Details | Shows who the certificate was issued to, the issuer, the friendly name, the creation and expiration dates, the serial number, the finger print, the algorithm, and the status. |
Advanced | Shows details of the certificate's start date, expiration date, version, and intended use. |