Personal certificates collection

Personal certificates collection

Manage personal certificates.

Security | SSL certificate and key management | Configuration settings | Manage endpoint security configurations | {Inbound | Outbound} | ssl_configuration | Related items | Key stores and certificates | key store | Additional Properties | Personal certificates

The Personal certificates page lists all personal certificates in the selected key store. We can do most certificate management operations in this panel, including:

Create a new self-signed certificate
Delete a certificate
Receive one generated from a CA
Replace a certificate (simultaneous delete and create, replacing references across all key stores)
Extract the signer
Import or export a personal certificate

Personal certificate requests are temporary place holders for certificates that will be signed by a certificate authority (CA).

The Key store collection must contain at least two key store files. We must select one file in order to replace, extract, or export a key store,

Button Resulting action
Create (drop-down list) Enable the application server to create the following certificates:

Self-signed Certificate
CA-signed Certificate
Chained Certificate

Delete To delete a certificate from the key store. Be careful that the certificate alias is not referenced elsewhere in the Secure Sockets Layer configuration.

Receive a certificate from a certificate authority Enable the application server to receive a certificate authority (CA)-generated certificate from a file to complete a certificate request.
Replace Replace a personal certificate with another personal certificate. All key stores in the configuration looking for signer certificate form the original personal certificate and replaces them with the new personal certificates signer. Any place in the security configuration where the certificate alias is referenced will be replaced with the new certificate alias.
Extract Extract the signer part of personal certificate from the key store and stores it to a file. The file can then be used to add the signer to another key store.
Import Import a certificate, including the private key, from a key store file or managed key store.
Export Export a certificate, including the private key, to a specified key store file or manage key store.
Revoke Revokes a CA-signed certificate.
Renew Renew a self signed or chained certificate.

Properties

Alias Alias by which the personal certificate is referenced in the key store. When we select an alias, the View Certificate panel opens.

Issued by Distinguished name of the entity by which the certificate was issued. This name is the same as the issued-to distinguished name when the personal certificate is self-signed.

Issued to Distinguished name of the entity to which the certificate was issued.

Serial number The certificate serial number generated by the issuer of the certificate.

Expiration The expiration date of the signer certificate for validation purposes.

See:

Create a Secure Sockets Layer configuration
Keystores and certificates collection

Button	Resulting action
Create (drop-down list)	Enable the application server to create the following certificates: Self-signed Certificate CA-signed Certificate Chained Certificate
Delete	To delete a certificate from the key store. Be careful that the certificate alias is not referenced elsewhere in the Secure Sockets Layer configuration.
Receive a certificate from a certificate authority	Enable the application server to receive a certificate authority (CA)-generated certificate from a file to complete a certificate request.
Replace	Replace a personal certificate with another personal certificate. All key stores in the configuration looking for signer certificate form the original personal certificate and replaces them with the new personal certificates signer. Any place in the security configuration where the certificate alias is referenced will be replaced with the new certificate alias.
Extract	Extract the signer part of personal certificate from the key store and stores it to a file. The file can then be used to add the signer to another key store.
Import	Import a certificate, including the private key, from a key store file or managed key store.
Export	Export a certificate, including the private key, to a specified key store file or manage key store.
Revoke	Revokes a CA-signed certificate.
Renew	Renew a self signed or chained certificate.

Alias	Alias by which the personal certificate is referenced in the key store. When we select an alias, the View Certificate panel opens.
Issued by	Distinguished name of the entity by which the certificate was issued. This name is the same as the issued-to distinguished name when the personal certificate is self-signed.
Issued to	Distinguished name of the entity to which the certificate was issued.
Serial number	The certificate serial number generated by the issuer of the certificate.
Expiration	The expiration date of the signer certificate for validation purposes.