security > global-trusted-ca
The trusted-root-ca sub-element creates local trusted CA stores and defines the lists of certificates that you can apply to one or more tls-profiles objects.
Parameters
- name
- Specifies the name for this global-trusted-ca object. You apply this name to one or more tls-profiles for use by those objects.
- state
- Enables or disables this global-trusted-ca object. When enabled, the
global-trusted-ca uses the CAs configured in this list to validate
certificates. Values include:
- Enabled (default)
- Disabled
- trusted-ca-certificates-list
- Specifies the names of root CA’s which this list trusts. There must be a
corresponding certificate-record with the same name for each CA in this
list. You can configure any number of root CA’s per list, all of which are
used by the applicable tls-profile(s).
Enter multiple entries by listing entries within parenthesis, (), and separating them with a space. You can also add or remove a single entry to an existing list by prefixing the applicable name with a plus sign (+) to add, and a minus sign (-) to remove.
Path
global-trusted-ca is a subelement under the security configuration element under the security path. The full path from the topmost prompt is: