+

Search Tips   |   Advanced Search

 

Extracting a signer certificate from a personal certificate

 

Personal certificates contain a private key and a public key. You can extract the public key, called the signer certificate, to a file, then import the certificate into another keystore. The client requires the signer portion of a personal certificate for Security Socket Layer (SSL) communication. The keystore that contains a personal certificate must already exist.

 

Overview

Complete the following steps in the console:

 

Procedure

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > keystore .

  2. Under Additional Properties, click Personal certificates.

  3. Select a personal certificate.

  4. Click Extract.

  5. Type the full path for the certificate file name. The signer certificate is written to this certificate file.

  6. Select a data type from the list.

  7. Click Apply.

 

Results

The signer portion of the personal certificate is stored in the file that is provided.

 

What to do next

This signer can now be imported into other keystores.

To extract a signer certificate from a personal certificate using the wsadmin tool, use the extractCertificate command of the AdminTask object. For more information, see PersonalCertificateCommands command group for the AdminTask object.



Extract certificate

Extract signer certificate

Retrieving signers using the retrieveSigners utility at the client

Change the signer auto-exchange prompt at the client

 

Related concepts


Secure Sockets Layer configurations
Dynamic outbound selection of Secure Sockets Layer configurations
Keystore configurations

 

Related Reference


PersonalCertificateCommands command group for the AdminTask object