List of trusted certificate authorities on the IBM HTTP Server

Associate your public key with a digitally signed certificate from a certificate authority (CA) that is designated as a trusted root CA on your server. We can buy a signed certificate by submitting a certificate request to a certificate authority provider. The default certificate request file name is certreq.arm. The certificate request file is a PKCS 10 file, in Base64-encoded format.

We can create a new .kdb keystore file and view the list of designated trusted certificate authorities (CAs). If you are using a personal certificate and the signer is not in the list, you must obtain a signer certificate from the associated trusted certificate authority.

Related concepts

• SSL Certificate revocation list and Online Certificate Status Protocol

Related tasks

• Choosing the type of client authentication protection

• Create a self-signed certificate