| Configuring the Security Features | 199Managing the Trusted Certificates ListWhen the system serves as a TLS client and requests a TLS connection with a server, the system should verify theserver certificate sent by the server to decide whether it is trusted based on the trusted certificates list.About this taskThe trusted certificates list contains the default and the custom certificates.• Default Certificates: The system has 36 built-in trusted certificates.• Custom Certificates: You can upload up to 10 trusted certificates with the size no more than 5M to the system.The format of the CA certificates must be .pem, .cer, .crt and .der.Procedure1. On your web user interface, go to Security > Trusted Certs.2. Configure and save the following settings:Parameter Description Configuration MethodOnly Accept TrustedCertificates Enable or disable the systemonly trusting the servercertificates in the trustedcertificates list.Note: the default value is On.If it is disabled, the system canconnect to the server no matterwhether the certificate send bythe system is valid or not.If it is enabled, the systemwill authenticate the servercertificate based on the trustedcertificates list. Only when theauthentication succeeds, will thesystem trust the server.If you change this parameter, thesystem will reboot to make thechange take effect.Web user interfaceCommon Name Validation Enable or disable the systemto mandatorily validatethe CommonName orSubjectAltName of the servercertificate sent by the server.This security verification rulesare compliant with RFC 2818.Note: the default value is Off.If you change this parameter, thesystem will reboot to make thechange take effect.Web user interface