Configuring MVE for automated certificate management

  1. Click the settings icon on the upper-right corner of the page.

  2. Click Certificate Authority > Use Certificate Authority Server.

    Note: The Use Certificate Authority Server button appears only when configuring the certificate authority for the first time, or when the certificate is deleted.
  3. Configure the server endpoints.

    Note: Depending on your CA server, see the OpenXPKI Certificate Authority Configuration Guide or the Microsoft Certificate Authority Configuration Guide.
  4. Click Save Changes and Validate > OK.

    Note: The connection between MVE and the CA servers must be validated. During validation, MVE communicates with the CA server to download the certificate chain and the Certificate Revocation List (CRL). The enrolment agent certificate is also generated. This certificate enables the CA server to trust MVE.
  5. Navigate back to the System Configuration page, and then review the CA certificate.

    Note: You can also download or delete the CA certificate.