+

Search Tips   |   Advanced Search

Exchanging signer certificates

To establish trust relationships, we can exchange signer certificates between keystores. When you exchange signer certificates, you are extracting a personal certificate from one keystore and adding it to another keystore as a signer certificate.

To exchange signer certificates, there must be two keystores.

Complete the following steps in the console:

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates.

  2. Select two keystores from the list of keystores.

  3. Click Exchange signers.

  4. Select any of the certificates in the first personal certificates list, and click Add. After adding, the signer part of the selected personal certificate appears in the other (second) keystore signers list.

  5. Select any of the certificates in the second personal certificates list, and click Add. After adding, the signer part of the selected personal certificate appears in the other (first) keystore signers list.

  6. Optional: If we need to remove any of the certificates from either of the signers lists, highlight one or more of the certificates, and click Remove.

  7. Click Apply and Save.


Results

The signer certificate appears in the list for each keystore.


What to do next

The extracted signer certificate is available to both keystores during the connection handshake.


Subtopics


Related concepts

  • Keystore configurations for SSL


    Related tasks

  • Add a signer certificate to a keystore