Retrieve from port

To retrieve a signer certificate from a remote SSL port. The system connects to the specified remote SSL host and port and receives the signer during the handshake using a trust manager. The signer SHA hash displays for validation and, if approved by an administrator, is added to the currently selected trust store.

To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Key stores and certificates > key store. Under Additional Properties, click Signer certificates. Then click the Retrieve from port button.


Specifies the host name to which you connect when attempting to retrieve the signer certificate from the SSL port.

Data type: Text


SSL port to which you connect when attempting to retrieve the signer certificate.

In a network deployment environment, you need to specify the correct secure sockets layer (SSL) port number when attempting to retrieve a signer certificate from a remote SSL port.

All certificates must be in place prior to retrieving them from the deployment manager or from base servers.

Data type: Text

SSL configuration for outbound connection

SSL configuration used to connect to the previously specified SSL port. This configuration is also the SSL configuration that contains the signer after retrieval. This SSL configuration does not need to have the trusted certificate for the SSL port as it is retrieved during validation and presented here.

Data type: Text
Default: DefaultSSLConfig


Certificate alias name to reference the signer in the key store, which is specified in the SSL configuration.

Data type: Text

Retrieved signer information

Signer certificate information if it is retrieved from the remote host and port.

Serial number

Certificate serial number that is generated by the issuer of the certificate.

Issued to

Distinguished name of the entity to which the certificate was issued.

Issued by

Distinguished name of the entity that issued the certificate. This name is the same as the issued-to distinguished name when the signer certificate is self-signed.

Fingerprint (SHA Digest)

Secure Hash Algorithm (SHA hash) of the certificate, which can be used to verify the certificate's hash at another location, such as the client side of a connection.


Specifies the expiration date of the retrieved signer certificate for validation purposes.


Related tasks

Create an SSL configuration



Keystores and certificates collection
Signer certificates collection