Managing and Verifying a Key and Certificate

To encrypt communication with TLS when using Remote UI, or to use TLS as the IEEE 802.1X authentication method, a key and certificate are required In addition, depending on the communicating device, encrypted communication using a specified certificate may be requested, thereby requiring a key and certificate.
Managing a Key and Certificate
You can prepare a key and certificate using the following methods:
Generating a Key and Certificate on the Machine
Generate the key and certificate required for TLS on the machine. You can immediately communicate where self-signed certificates are allowed.
Generating a Key and Certificate
Registering a Certificate Issued by a Certificate Authority in a Self-generated Key
When a key is generated on the machine, generate a Certificate Signing Request (CSR), have the certificate authority issue a certificate, and then register that certificate in the key.
Generating a Key and Certificate Signing Request (CSR) and Obtaining and Registering a Certificate
Registering a Certificate Obtained from an SCEP Server to a Self-generated Key
When generating a key on the machine, request a Simple Certificate Enrollment Protocol (SCEP) server to issue a certificate, and then register the obtained certificate. You can also request that a certificate be issued at a specified date and time.
Generating a Key and Obtaining and Registering a Certificate from an SCEP Server
Registering a Key and Certificate or CA Certificate Obtained from an Issuing Authority
Register a key and certificate obtained from an issuing authority or a CA certificate issued by a certificate authority, without self-generating the key and certificate. You can use a digital certificate that matches the communicating device and authentication level.
Registering a Key and Certificate or CA Certificate Obtained from an Issuing Authority
Verifying a Certificate
You can configure the settings to verify the validity of a certificate that the machine receives from a certificate authority, using the Online Certificate Status Protocol (OCSP).
Verifying a Received Certificate with OCSP
95UE-088