Table of ContentsView in Frames

Managing digital certificates for server or client authentication

A digital certificate ensures that communications are transmitted in encrypted form and that information is sent privately and unaltered to only the specified server or from the authenticated client. You can generate a certificate signing request, create, install, sign, display, revoke, or delete a digital certificate for server or client authentication.

A digital certificate, also called a public key certificate, is an electronic document that verifies the owner of a public key. It can be either self signed (by the owner) or Certificate Authority (CA) signed. You can provide server or client authentication by using digital certificates for situations where the cluster or Storage Virtual Machine (SVM) is an SSL server or client. When you provide both server and client authentication, you have mutual authentication (also called two-way authentication) in which both the server and the client present their certificates to each other for validating their respective identities to each other.

You can manage digital certificates in the following ways (the security certificate command family):

The following behaviors and default settings apply:

When you manage digital certificates, you specify one of the following certificate types (the -type parameter of the security certificate command family) for server or client authentication: