Manage personal certificates in a certificate database
Manage personal certificates
From the local management interface, go to the SSL Certificates management page.
System > Secure Settings > SSL Certificates > Certificate database > Manage > Edit SSL Certificate Database > Personal Certificates
All personal certificate names are displayed on this tab. If the Issuer or Subject field contains characters in a language other than English, these characters might be displayed in the panel as encoded characters.
Import a personal certificate
Manage > Import > Browse > file containing personal certificate > Import
Any PKCS 12 file to be imported must have the file extension .p12 for the import operation to be successful.
Optinal: Password for the file containing the personal certificate to import.
Commit changes . Receive a personal certificate
A personal certificate can be received only if a corresponding certificate request exists.
- Click...
Manage > Recieve > Browse > personal certificate
- Select the Default check box if we want to set the personal certificate as default.
- Click Receive.
- Commit changes.
View a personal certificate
- Select the personal certificate we want to view.
- Click Manage > View. The content of the personal certificate is displayed in the browser.
- Optional: Click Export. Then, confirm the save operation in the window that pops up. We must configure the software that blocks pop-up windows in the browser to allow pop-up windows for the appliance before files can be exported.
Export a personal certificate
- Select the personal certificate to export.
- Click Manage > Export. You must configure the software that blocks pop-up windows in the browser to allow pop-up windows for the appliance before files can be exported.
- Confirm the save operation in the browser window that pops up.
Extract a personal certificate
The Extract option is used to export a single certificate and its private key (if one exists) from the current key database to a new pcks12 formatted key database.
- Select the personal certificate to extract.
- Click Manage > Extract.
- In the Extract Personal Certificate window, enter a password for the extracted certificate container and confirm the password.
- Click Extract. We might want to save the certificate with the .p12 file extension for later use. Any PKCS 12 file to be imported must have the file extension .p12 for the import operation to be successful.
Delete a personal certificate
- Select the personal certificate to delete.
- Click Delete.
- In the window that pops up, click Yes.
- Commit changes.
Create a personal certificate (self-signed)
- Click New.
- Enter Certificate Label, Certificate Distinguished Name, Key Size, and Expiration Time. The default value for Expiration Time is 365 days.
The distinguished name must be in the following format:
CN=cName, OU=orgUnit, O=org, L=city, S=state, C=countryCode
S= and ST= might be used for specifying state. However, the certificate or the certificate request always uses ST= .
Any error in the distinguished name results in Error box with CTGSK3024W Invalid value for parameter "-dn" (<entered dn-value>) on save
- Optionally, select an entry from the Signature Algorithm list. If this option is not specified, the default signature algorithm is used.
- Select the Default check box if we want to set this personal certificate as the default certificate.
- Click Save.
- Commit changes.
Set a personal certificate as default
- Select the personal certificate to edit.
- Click Edit.
- Select the Set as the Default Certificate check box to set the personal certificate as the default certificate.
- Click Save.
- Commit changes.
Parent topic: Manage SSL certificates