It usually takes two to three weeks to get a certificate from a
well known certificate authority (CA). While waiting for a certificate to
be issued, use IKEYMAN to create a self-signed server certificate to enable
SSL sessions between clients and the server. Use this procedure if you act
as your own CA for a private Web network.
About this task
Complete the following steps to create a self-signed certificate:
Procedure
- If you have not created the key database, see Creating a new key database for
instructions.
- Start the IKEYMAN user interface.
- Click Key Database File from the main UI, and then click Open.
- Enter your key database name in the Open dialog box, or click the key.kdb file,
if you use the default. Click OK.
- In the Password Prompt dialog box, enter your correct password
and click OK.
- Click Personal Certificates in the Key Database content
frame, and click the New Self-Signed radio button.
- Enter the following information in the Password Prompt dialog box:
- Key label: Enter a descriptive comment to identify the key and certificate
in the database.
- Key size: Choose your level of encryptions from the drop-down menu.
- Common Name: Enter the fully qualified host name of the Web server
as the common name. Example: www.myserver.com.
- Organization Name: Enter your organization name.
- Optional: Organization Unit
- Optional: Locality
- Optional: State/Province
- Optional: Zip code
- Country: Enter a country code. Specify at least two characters. Example:
US Certificate request file name, or use the default name.
- Validity Period
- Click OK.