To establish trust relationships,
you can exchange signer certificates
between keystores. When you exchange signer certificates, you are
extracting
a personal certificate from one keystore and adding it to another
keystore
as a signer certificate.
Before you begin
To exchange signer
certificates, there must be two keystores.
About this task
Complete
the following steps in the administrative console:
Procedure
- Click Security > SSL certificate and key management >
Manage
endpoint security configurations > {Inbound | Outbound} > ssl_configuration >
Key stores and certificates.
- Select two
keystores from the list of keystores.
- Click Exchange
signers.
- Select any of the certificates
in the first personal certificates
list, and click Add. After adding, the signer part
of the
selected personal certificate appears in the other (second) keystore
signers
list.
- Select any of the certificates in the
second personal certificates
list, and click Add. After adding, the signer part
of the
selected personal certificate appears in the other (first) keystore
signers
list.
- Optional: If you need to
remove any of the certificates
from either of the signers lists, highlight one or more of the certificates,
and click Remove.
- Click Apply and Save.
Results
The signer certificate appears in the list
for each keystore.
What to do next
The extracted signer certificate
is available to both keystores during
the connection handshake.