Updated on 2022-04-02 GMT+08:00

Configuring a Whitelist

Context

If the whitelist verification function is enabled, a certificate can be successfully obtained only when the common name is in the whitelist after a user submits a certificate request.

Procedure

  1. Choose System > About > Certificate Authority Service from the main menu.
  2. Choose PKI Management > Whitelist from the navigation tree on the left.
  3. Click New. The Create Whitelist dialog box is displayed.
  4. Enter the whitelist information.

    • Common name: Mandatory. The common name is a string of 1 to 127 characters containing uppercase letters, lowercase letters, digits, spaces, hyphens (-), colons (:), and dots (.).
    • Description: optional. The description is a string of 0 to 128 characters containing digits, uppercase letters, lowercase letters, spaces, and special characters ( , . ? ! : ; ).
    • You can click Reset to clear parameter settings.

  5. Click Submit.

Related Tasks

  • Enabling whitelist verification

    Choose Protocol Configuration > CMP. On the Protocol Configuration tab page, click Modify corresponding to a CA. On the page that is displayed, set Verify Whitelist to Yes.

    • By default, the whitelist verification function is disabled.
    • The whitelist verification function takes effect only when you apply for a certificate using CMP.
  • Modifying a whitelist

    Choose PKI Management > Whitelist. Click Modify corresponding to the desired whitelist and modify it.

  • Importing a whitelist

    Choose PKI Management > Whitelist. Click Import to manually import a whitelist.

    • You can download the template file, set parameters following the instructions, and upload the file.
    • The file to be uploaded must be in .csv format and the size of a single file cannot exceed 20 MB. The file can contain a maximum of 4 million data records, but a maximum of 50,000 records can be imported at a time.
  • Deleting a whitelist

    Choose PKI Management > Whitelist. Select the whitelist to be deleted and click Delete or click Delete corresponding to the whitelist.

  • Searching for a whitelist

    Choose PKI Management > Whitelist. In the search box, enter a common name and click to search for a specific whitelist. The Certificate Authority Service supports fuzzy search by whitelist name.