Add a New URL Certificate Data Source

URL certificate sources are used to load user or CA certificates. Certificates loaded from a URL certificate source can be registered as certificates on the Management Console certificates page and as certificate issuers on the Management Console certificate issuers page.

  1. Click add a new URL Certificate data source on the Data Sources page.

  2. To prevent data from this source from being retrieved periodically when the Data Sources job runs, clear the Enabled option.

  3. Enter a unique, descriptive Name to identify the data source.

    This is the name of this data source, which must be unique across all other certificate sources.

  4. Enter the URL from which the certificate(s) will be retrieved.

    This is the URL that points to the certificate(s) in DER, PEM or PKCS#7 format.

    To load certificates from a file that is accessible on the computer running Validation Authority, prepend the path to the file with file:/// in the URL specification. For example, the URL file:///C:/folder/certificate.cer (local drive) or file:///Z:/folder/certificate.cer (mapped share drive) would be used to load the certificate certificate.cer contained in the referenced folder.

    To load certificates from a Windows network share using a UNC address, prepend the path to the file with file:// in the URL specification. For example, the URL file://Server\Certificates\certificate.cer would be used to load the certificate contained in the file \\Server\Certificates\certificate.cer.

  5. To prevent data from this source from being retrieved periodically when the Data Sources job runs, deselect Enabled.

  6. To automatically register certificates from this source if their issuer is known, click Register Certificates.

    If this option is not selected, then certificates from this source will only be registered as certificate issuers based on the options in the following step.

    Alternatively, to use the data source only for registering new certificate issuers, and not for adding certificates to the certificates page, clear the Register Certificates option, then select at least one of the three options described as follows.

  7. To automatically register new certificate issuers using CA certificates retrieved from the data source, select the types of certificates that should be automatically registered by selecting any of the following options:

    • Self-Signed CA Certificates - To automatically register self-signed CA certificates retrieved from this data source as certificate issuers.

    • Subordinate CA Certificates - To automatically register subordinate (not self-signed) CA certificates retrieved from this data source as certificate issuers.

    • Version 1 Certificates - To automatically register version 1 certificates retrieved from this data source as certificate issuers.

    If you do not select any of these options, then certificate issuers will not be registered automatically.

  8. After you have entered the necessary information to configure the data source, test the data source, and then click Save Data Source to save it.