If you are using a third-party server for certificate validation, the following items are to be configured manually:
Key Size: 2048 bits
Key Type: Unspecified, Encryption, Signature, SSL or TLS
Key Usage: Data Encipherment, Key Encipherment or Digital Signature. All three are needed.
If the certificate issue path is server_certificate > intermediate_certificate > trusted_root_certificate, the intermediate server certificate along with the certificate chain (the public key certificate as well as the trusted root certificate of the intermediate certificate) should be imported into the TRO, and this should be configured as the issuer. The same holds for the client issuer name list, which is specified in the authentication rules.