Creating a chained personal certificate in SSL

A chained personal certificate is a personal certificate that is created by using another personal certificate to sign it. This chaining allows a certificate to be signed with a certificate (a root certificate) that has a long life span. Root certificates are stored in the DmgrDefaultRootStore or NodeDefaultRootStore. The server's default personal certificate is a chained certificate created when the profile is created. Chained certificates can also be created after profile creation

Before you begin

You use the administrative console to create a chained personal certificate.

Procedure

  1. Click Security > SSL certificate and key management.
  2. Under Related Items, click Key stores and certificates.
  3. Click a <keystore name> to which you want to add the chained personal certificate.
  4. Under Additional Properties, click Personal certificates .
  5. Click the Create button and select Chained Certificate The listCertificates AdminTask can be used to generate the list of root certificates available to sign the certificate.
  6. Fill in the following information to the General Properties section as follows:
    • Supply an alias name.
    • Select Root certificate from the pull down list.
    • Key size
    • Common name
    • Validity period
    • Organization
    • Organization Unit
    • Locality
    • State/Province
    • Zip code
    • Country or region
  7. Click Apply then OK.

Results

The certificate is created, signed by the root certificate specified, and stored in the keystore. Once a chained personal certificate is created, the certificate can be used by the runtime for SSL communication.




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 7:37:48 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v701sca&product=was-nd-mp&topic=tsec_7createchainedcert
File name: tsec_7createchainedcert.html