Extracting a signer certificate from a personal certificate

Personal certificates contain a private key and a public key. You can extract the public key, called the signer certificate, to a file, then import the certificate into another keystore. The client requires the signer portion of a personal certificate for Security Socket Layer (SSL) communication.

Before you begin

The keystore that contains a personal certificate must already exist.
Alternative Method: To extract a signer certificate from a personal certificate using the wsadmin tool, use the extractCertificate command of the AdminTask object. For more information, see the PersonalCertificateCommands command group for the AdminTask object article.

About this task

Complete the following steps in the administrative console:

Procedure

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > keystore .
  2. Under Additional Properties, click Personal certificates.
  3. Select a personal certificate.
  4. Click Extract.
  5. Type the full path for the certificate file name. The signer certificate is written to this certificate file.
  6. Select a data type from the list.
  7. Click Apply.

Results

The signer portion of the personal certificate is stored in the file that is provided.

What to do next

This signer can now be imported into other keystores.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms of Use | Feedback

Last updatedLast updated: Sep 19, 2011 7:16:32 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-express-iseries&topic=tsec_sslextractsigncert
File name: tsec_sslextractsigncert.html