Adding
certificates from certifying authorities
WebSphere Partner Gateway - Express uses digital certificates
to develop trust in the user's public key. A certificate is, essentially,
an endorsement of the authenticity of a private key. Certificates
can be digitally signed by highly trusted parties that perform background
checks on the certificate owners to verify their identities. These
highly trusted parties are CAs, and can confer varying levels of
trust to certificates. In fact, CAs can delegate trust to other
CAs by signing the secondary CA's certificate. This creates
a certificate "chain." In this way, a trusted
third party (the CA) vouches for the authenticity of the certificate,
and the method used to vouch is a digital signature included in
the certificate.
Using the Certifying Authority page, you can add and delete certificates.
Important:
All CA certificates in the certification path must be
added. If any CA certificate is not added, the certificate path
will not be built, and document processing will fail.
Adding new certificates
To add new public certificates to the Certifying Authority,
use the following procedure.
Note:
When you upload a CA certificate, be sure to upload
the corresponding CA certificate chain.
- Click the Security tab, then click Certifying Authority in
the navigation bar. The Certifying Authority page appears.
- Click the Add New Certificate button.
The Certifying Authority page appears.
- Click the Browse button. The File Upload
dialog box appears.
- Navigate to the location where the certificate you want to add
is located. Then click the certificate and click the Open button.
The path where the certificate resides appears in the Certifying
Authority page.
- Click the Submit button. The certificate
is added to WebSphere Partner Gateway - Express and its name appears
in the Certifying Authority page.
Important:
If the certificate contains a noncompliant key usage,
a warning message appears asking if you want to continue to upload
or discard the certificate. If you choose to continue to upload
the noncompliant certificate, you must replace it with a compliant
certificate before using it.
- To add more certificates, repeat steps 2 through 5.
Deleting
a certificate
If you no longer need a certificate, use the following
procedure to delete it from WebSphere Partner Gateway - Express.
- Click the Security tab, then click Certifying Authority in
the horizontal navigation bar. The Certifying Authority page appears.
- In the Delete column, click the Delete Certificate/Key icon
that corresponds to the certificate you want to delete. A confirmation
dialogue box appears, asking you to confirm that you want to proceed
with the deletion.
- Click OK to delete the certificate or Cancel to
retain it.
