PKI tasks at a glance

To configure PKI, perform the following tasks:

1. Configuring a PKI entity

2. Configuring a PKI domain

3. (Optional.) Specifying the storage path for certificates and CRLs

4. Requesting a certificate

   Choose one of the following tasks:

   • Enabling the automatic online certificate request mode

   • Manually submitting an online certificate request

   • Manually submitting a certificate request in offline mode

5. (Optional.) Aborting a certificate request

6. (Optional.) Obtaining certificates

   You can obtain the CA certificate, local certificates, and peer certificates related to a PKI domain from a CA and save them locally for higher lookup efficiency.

7. (Optional.) Verifying PKI certificates

8. (Optional.) Exporting certificates

9. (Optional.) Removing a certificate

10. (Optional.) Configuring a certificate-based access control policy

    Certificate-based access control policies allow you to authorize access to a device (for example, an HTTPS server) based on the attributes of an authenticated client's certificate.