Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure communications
Exchange signer certificates
To establish trust relationships, you can exchange signer certificates between keystores. When you exchange signer certificates, you are extracting a personal certificate from one keystore and adding it to another keystore as a signer certificate. To exchange signer certificates, there must be two keystores. Complete the following steps in the admin console:
Procedure
- Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates.
- Select two keystores from the list of keystores.
- Click Exchange signers.
- Select any of the certificates in the first personal certificates list, and click Add. After adding, the signer part of the selected personal certificate appears in the other (second) keystore signers list.
- Select any of the certificates in the second personal certificates list, and click Add. After adding, the signer part of the selected personal certificate appears in the other (first) keystore signers list.
- Optional: If remove any of the certificates from either of the signers lists, highlight one or more of the certificates, and click Remove.
- Click Apply and Save.
Results
The signer certificate appears in the list for each keystore.
What to do next
The extracted signer certificate is available to both keystores during the connection handshake.
Related
Keystores and certificates exchange signers
Keystore configurations for SSL
Add a signer certificate to a keystore