Cybersecurity Admin Expert certificate management

Device certificates are needed to enable encrypted communication between devices within the system network.

Cybersecurity Admin Expert (CAE) manages three types of certificates:

• Allowlist certificate
• Root CA
• Intermediate CA

During network discovery, CAE searches for the certificates of the devices connected to the system network, then the security administrator can decide whether or not to trust the detected certificates. When the security administrator trusts a device certificate, this certificate is stored by CAE so that, at next discovery, CAE will be able to identify it.

 

Certificate Store

CAE stores trusted certificates and displays them in Security Settings > Certificate management > Certificate store:

In the Certificate store, CAE can store:

• Device certificates (allowlist certificates). These are the certificates of the devices. They are automatically added in the CAE store after the security administrator trusts them.
• Root and Intermediate Certificate Authority (CA) certificates. These are trusted chain certificates manually added by the user.
• Other certificates that can be added manually by the user.

The Security Administrator can:

Action	Steps
Add a new certificate (import from certificate file)	Use the Add button in the bottom-left corner.
Edit certificate properties	Right-click the certificate to edit.
Delete certificate	Right-click the certificate to delete or use the Trash icon.
Export certificate	Right-click the certificate to export.
Display certificate details	Select the certificate and click the Open in Windows icon. Use the Open in Windows option to see certificate details in Windows. You can use the Windows Certificate Import Wizard to import trusted certificates from the CAE Certificate Store to disk:

For more information, see Signing Cybersecurity Admin Expert certificates.