This window lets you update the client certificate trust mode that specifies how Extreme Management Center clients handle the server certificates they receive. You can access this window from the Server Information Window Certificates Tab.
Management Center and NAC use server certificates to provide secure communication for application web pages and for internal communication between server components. When a server certificate is replaced, Management Center clients must be configured to trust the new certificate. A trust mode is used to determine how all clients handle updated certificates. You can set the client trust mode to one of the following options:
- Prompt (default mode) - If a client encounters a new certificate that
is does not trust, the user is
prompted to either accept or reject the new certificate. If the server
certificate is replaced and the user expects to see the new certificate,
then they can accept the certificate if it is correct. If the server certificate
has not been replaced and the client has inadvertently connected to a server
that is not trusted, then the user can reject the certificate.
- Trust All - All server certificates are accepted without a trust check.
Use this option if there is no possibility that a client could connect to a
server that is not trusted, and the user does not need to be prompted to accept
or reject a new certificate.
- Strict - If a client encounters a new certificate that is does not trust, the certificate is rejected and the client connection fails. While this option is the most secure, if the server certificate is replaced, the new certificate will be rejected. If you are replacing a server certificate, you should not use this trust mode.
For information on related windows:
