Create a certificate authority request


Overview

To obtain a certificate signed by a CA first create a personal certificate request, which functions as a temporary placeholder for the signed certificate until you manually receive the certificate in the keystore.

Key store tools (such as iKeyman and keyTool) cannot receive signed certificates generated by certificate requests from WAS. Similarly, WAS cannot accept certificates that are generated by certificate requests from other keystore utilities.

The keystore that contains a personal certificate request must already exist.


Create a personal certificate request using the console

Go to the Personal certificate requests panel...

Security | SSL certificate and key management | Key stores and certificates | keystore | Personal certificate requests | New

...and set...

Full path of the certificate request file The certificate request is created in this location.
Key label Alias name. The alias identifies the certificate request in the keystore.
Common name (CN) CN value in the certificate distinguished name (DN).

Optional values...

key size Default key size is 1024 bits.
organization value O value in the certificate DN.
organizational unit value OU value in the certificate DN.
locality value L value in the certificate DN.
state or providence ST value in the certificate DN.
zip code POSTALCODE value in the certificate DN.
country C= value in the certificate request DN.

 

Related

SSL configurations
Keystore configurations for SSL
CertificateRequestCommands command group of the AdminTask object
Certificate request settings
Personal certificates collection
Self-signed certificates settings
Personal certificate requests collection
Personal certificate requests settings
Extract certificate request
Receive a certificate issued by a certificate authority
Replace a certificate