The web-manager security ca-certificate command specifies the CA certificate used by the FW to authenticate the client certificate.
The undo web-manager security ca-certificate command deletes the CA certificate specified for the FW to authenticate the client certificate.
web-manager security ca-certificate ca-certificate-name
undo web-manager security ca-certificate ca-certificate-name
| Parameter | Description | Value |
|---|---|---|
| ca-certificate-name | Specifies the name of a CA certificate. | The value is a string of 1 or 64 characters. |
By default, the FW has no CA certificate to authenticate the client certificate.
Before running the web-manager security ca-certificate command, apply for a CA certificate, upload it to the FW storage, and import it to the memory. For details, see the pki import-certificate command.
After running the web-manager security verify-ssl-peer command to enable bidirectional certificate authentication between the FW and its client, the FW uses the CA certificate specified in the web-manager security ca-certificate command to authenticate the client certificate.