Extracting a signer certificate from a personal certificate
Personal certificates contain a private key and a public key. You can extract the public key, called the signer certificate, to a file, then import the certificate into another keystore. The client requires the signer portion of a personal certificate for Security Socket Layer (SSL) communication. The keystore that contains a personal certificate must already exist.
Overview
Complete the following steps in the console:
Procedure
- Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > keystore .
- Under Additional Properties, click Personal certificates.
- Select a personal certificate.
- Click Extract.
- Type the full path for the certificate file name. The signer certificate is written to this certificate file.
- Select a data type from the list.
- Click Apply.
Results
The signer portion of the personal certificate is stored in the file that is provided.
What to do next
This signer can now be imported into other keystores.To extract a signer certificate from a personal certificate using the wsadmin tool, use the extractCertificate command of the AdminTask object. For more information, see PersonalCertificateCommands command group for the AdminTask object.
Extract certificate
Extract signer certificate
Retrieving signers using the retrieveSigners utility at the client
Change the signer auto-exchange prompt at the client
Related concepts
Secure Sockets Layer configurations
Dynamic outbound selection of Secure Sockets Layer configurations
Keystore configurations
Related Reference
PersonalCertificateCommands command group for the AdminTask object