Add a signer certificate to the default signers keystore
Signer certificates are added to the following keystores...
Dmgr DmgrDefaultSignersStore Appserver NodeDefaultSignersStore
The default signers key store is created during profile creation and contains the signer certificate of the root certificate. Additional signer certificates can be added to the default signers key store at any time. Anytime a keystore is created using the admin console or createKeyStore, all signer certificates from the default signer store are added to the newly created keystore.
Add signer certificates
- If the certificate is in a certificate file, to add to the default signer keystore, go to...Security | SSL certificate and key management | Related Items | Key stores and certificates | KeyStore Usages | Default signers keystore | DmgrDefaultSignersStore | Additional Properties | Signer certificates | Add
- Path to the certificate file and an asterisk (*)
- Format of the certificate file
To extract a signer certificate from a personal certificate to a certificate file...Security | SSL certificate and key management | Related Items | Key stores and certificates | Keystore Usages | All | keystore name | Additional Properties | Personal certificates | personal certificate | Extract
...and set path to the certificate file
- To extract a signer certificate directly to the default signers keystore
- Go to...Security | SSL certificate and key management | Related Items | Key stores and certificates | Keystore Usages | All
- Click on...
- default signers keystore
- keystore containing the personal certificate whose signer certificate is needed
...and then click...Exchange Signers
- Select the personal certificate whose signer is needed.
- Click Add.
- Click Apply then Save.
Add signer certificates using wsadmin
We can extract the signer from a personal certificate using AdminTask extractCertificate.
We add signers using AdminTask addSignerCertificate.
Add a signer certificate to a default signer keystore addSignerCertificate Create a new keystore createKeyStore Extract the signer from a personal certificate extractCertificate Exchange a signer certificate KeyStoreCommands
KeyStoreCommands command group for the AdminTask object
SignerCertificateCommands command group for the AdminTask object