Click 
on the upper-right corner of the page.
Click Certificate Authority > Use Certificate Authority Server.
Note: The Use Certificate Authority Server button appears only when configuring the certificate authority for the first time, or when the certificate is deleted.
Configure the server endpoints.
CA Server—The Certificate Authority (CA) server that generates the printer certificates. You can select either OpenXPKI CA or Microsoft CA Enterprise.
CA Server Address—The IP address or host name of your CA server. Include the full URL.
Challenge Password—The password that is required to assert the identity of MVE to the CA server. The challenge password is not supported in Microsoft CA Enterprise.
Note: Depending on your CA server, see the OpenXPKI Certificate Authority Configuration Guide or the Microsoft Certificate Authority Configuration Guide.
Click Save Changes and Validate > OK.
Note: The connection between MVE and the CA servers must be validated. During validation, MVE communicates with the CA server to download the certificate chain and the Certificate Revocation List (CRL). The enrolment agent certificate is also generated. This certificate enables the CA server to trust MVE.
Navigate back to the System Configuration page, and then review the CA certificate.
Note: You can also download or delete the CA certificate.