The CommuniGate Pro Server can verify validity of Certificates presented to it. For example, the WebUser Interface performs validity checks when displaying signed messages.
A Certificate is considered valid if:
There are several sets of the Trusted Certificates:
When a PKI operation is performed for a certain Domain (or for a certain Account in that Domain), the following Trusted Certificates are checked:
When a PKI operation is performed for the System itself (for example, an outgoing TLS connection is being established), the following Trusted Certificates are checked:
Use the WebAdmin Interface to update the set of Server-wide and Cluster-wide Trusted Certificates. Open Security page in the the Users realm. The Trusted Certificates page will open:
Trusted Certificates included into the displayed set have a checkbox marker. To remove certain Trusted Certificates, select its checkbox and click the Remove Marked button.
In addition to the certificates from the displayed set, the Domain-wide pages display the built-in Trusted Certificates, and the Trusted Certificates from the Server-wide set (or from the Cluster-wide set for Shared Domains). The Server-wide and Cluster-wide Trusted Certificates pages display the the built-in Trusted Certificates. These additional certificates do not have checkbox markers.
To add a Certificate to the set, enter the PEM-encoded Certificate data into the text field and click the Set Certificate button. The new Certificate should appear in the displayed set.