| For the latest version, please use Certificate Lifecycle Manager 6.3.0! | 
Configuration
| This panel is only accessible by users with the Adminprivilege. | 
System Settings
The entities in the System settings are preconfigured with default generated values and can be modified.
| System Entity | Description | 
|---|---|
| System Realm | The currently selected realm. | 
| User Certificate Policy | This policy is used to request a certificate for a user of the CLM platform. The user can then access CLM functions through the CLM-UI. | 
| CMP Policy | This policy is used to import certificates for CMP and SCEP operations. | 
| Active Crypto Module | This crypto module encrypts keys and secrets, such as passwords of end entities, API clients, and keystores. Additionally, it can generate random numbers. | 
| The System Realmincludes theSYSTEM USER CERTIFICATE POLICY, theSYSTEM CMP SIGNER CERTIFICATE POLICYand the RA certificates.
These system policies are configurable as well.
They are the default choice for the creation of new user RA certificate, and the management of certificates used in CMP, like the signer’s certificate. | 
Configure System Settings
To configure the system entities, press Edit in the System Settings section. In order to be able to modify the user certificate policy, and the CMP policy the system realm must be configured. In order to modify the system realm, the previously selected realm as the system realm must be archived and deleted.
E-Mail Settings
Below are the E-Mail attributes available for editing:
- 
Host 
- 
Port 
- 
Username 
- 
Password 
- 
Protocol 
- 
Authentication Enabled 
- 
StartTLS Enabled 
- 
Email Sender 
- 
Email Signature 
Configure E-Mail Settings
To configure the mail server press Edit in the E-Mail Settings section.
| The password is never retrieved from the server. It will only be updated if Save is pressed with the password field not empty. In order to remove the password completely, press Disable password. | 
Check E-Mail Settings
Using the Send Test E-Mail button at the top of the mail settings section, you can check the E-Mail settings configuration.
| For the Send Test E-Mail button to be available, an e-mail address is required. This functionality is not supported for API Clients. | 
Connection Settings
The fields included in the connection settings are the TLS Version which is used to specify the TLS protocol that will secure the connections,
and the Connection Timeout (Seconds) which defines the TTL (Time To Live) of the connections.
Configure Connection Settings
To configure the connection settings, press Edit in the Connection Settings section.
Application Settings
| Application Property | Description | 
|---|---|
| Expiring Certificates Notification Intervals Days | Number of days before expiration, that the Expiration Notification Task should sent notification E-Mails. | 
| Expiring Certificates Renewal Limit Days | Number of future days, relative to each certificate’s expiration date, that an end entity’s certificate must be still valid, for the other end entity certificates to be considered renewed and not require expiration notification. | 
| Private Key Password Policy | N/A | 
| End Entity Password Policy | N/A | 
| API Client Password Policy | N/A |