Menu path: UMS Administration > Global Configuration > Certificate Management > Web
Here, you can manage the certificates for communication via the Web Port (default: 8443).
The Web Port is used for the following tasks:
- Provide data for the endpoint devices (WebDAV etc.)
- Provide data for other servers (High Availability; WebDAV etc.)
- Provide data for the UMS Web App
- Provide an entry point for IMI and WebStart
- UMS Web App: Providing the browser with the certificate; see UMS Web App: The Browser Displays a Security Warning (Certificate Error)
- If you need to use an alternative certificate chain instead of the pre-installed one, see Using Your Own Certificates for Communication over the Web Port (Default: 8443)
Open the dialog Change Automatic Renewal Setting to toggle automatic certificate renewal.
The private key of the parent certificate (root CA or intermediate CA) must be known. The renewed certificate is assigned to the servers automatically.
- ACTIVATE automatic renewal: The end certificates in use will be renewed according to the number specified in Renew a used end certificate [number] days ahead of its expiration date.
- DEACTIVATE automatic renewal: The end certificates will not be renewed automatically.
Create a root certificate.
Create a signed certificate from the CA certificate (root or intermediate) that is currently selected.
Remove the selected certificate from the UMS. Only certificates that are not currently in use can be removed.
Renew the selected certificate; the dialog Create signed certificate is opened.
All settings except the expiry date (Valid until) can be left unchanged. The public key of the parent certificate (root CA or intermediate CA) must be known. Also, the expiry date of the parent certificate must be later than the new expiry date for the end certificate.
Show the content of the selected certificate.
Import a root CA certificate.
Import a signed certificate for which the currently selected certificate is a parent certificate (root CA or intermediate CA).
Import the decrypted private key for the selected certificate.
Import a certificate chain from a keystore.
Export the certificate and its child certificates as a certificate chain to a keystore.