Retrieve from port
To retrieve a signer certificate from a remote SSL port. The system connects to the specified remote SSL host and port and receives the signer during the handshake using a trust manager. The signer SHA hash displays for validation and, if approved by an administrator, is added to the currently selected trust store.
To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Key stores and certificates > key store. Under Additional Properties, click Signer certificates. Then click the Retrieve from port button.
- Host
Specifies the host name to which you connect when attempting to retrieve the signer certificate from the SSL port.
Data type: Text
- Port
SSL port to which you connect when attempting to retrieve the signer certificate.
In a network deployment environment, you need to specify the correct secure sockets layer (SSL) port number when attempting to retrieve a signer certificate from a remote SSL port.
- Use the port number associated with the port name, WC_adminhost_secure, when retrieving a signer certificate from the dmgr.
- Use the port number associated with the port name, CSIV2_SSL_MUTUALAUTH_LISTENER_ADDRESS, when retrieving a signer certificate from a node.
All certificates must be in place prior to retrieving them from the deployment manager or from base servers.
Data type: Text
- SSL configuration for outbound connection
SSL configuration used to connect to the previously specified SSL port. This configuration is also the SSL configuration that contains the signer after retrieval. This SSL configuration does not need to have the trusted certificate for the SSL port as it is retrieved during validation and presented here.
Data type: Text Default: DefaultSSLConfig
- Alias
Certificate alias name to reference the signer in the key store, which is specified in the SSL configuration.
Data type: Text
- Retrieved signer information
Signer certificate information if it is retrieved from the remote host and port.
- Serial number
Certificate serial number that is generated by the issuer of the certificate.
- Issued to
Distinguished name of the entity to which the certificate was issued.
- Issued by
Distinguished name of the entity that issued the certificate. This name is the same as the issued-to distinguished name when the signer certificate is self-signed.
- Fingerprint (SHA Digest)
Secure Hash Algorithm (SHA hash) of the certificate, which can be used to verify the certificate's hash at another location, such as the client side of a connection.
- Expiration
Specifies the expiration date of the retrieved signer certificate for validation purposes.
Related tasks
Create an SSL configuration
Related
Keystores and certificates collection
Signer certificates collection