Creating a new Root CA

If you do not already have a Root CA, you can use the Content Gateway manager to create one. The process uses openssl pkcs#8.

Be sure to back up any new Root CAs that you create. See Backing up your internal Root CA for details.

Steps

  1. In the Content Gateway manager, go to the Configure > SSL > Internal Root CA > Create Root CA tab.
  2. Provide requested information in the fields, particularly noting the following:
    • The fields Organization, Organizational unit, and Common name comprise a distinguished name.
      • For Organization, enter the name of your company.
      • Optionally provide an Organizational Unit (for example, division, section, or department) name.
      • For Common Name, enter the name of your company certificate authority.
    • The comment becomes part of the certificate. The first line you enter can be seen by end users.
    • Enter, and then confirm, the passphrase. (A passphrase is similar to a password. Usually, however, it is longer to provide greater security. It is recommended that you use a strong passphrase, with a combination of numbers, characters, and upper- and lower-case letters.)
  3. Click Generate and Deploy Certificate to deploy the certificate to the Content Gateway server.