Adding certificates from certifying authorities

WebSphere Partner Gateway - Express uses digital certificates to develop trust in the user's public key. A certificate is, essentially, an endorsement of the authenticity of a private key. Certificates can be digitally signed by highly trusted parties that perform background checks on the certificate owners to verify their identities. These highly trusted parties are CAs, and can confer varying levels of trust to certificates. In fact, CAs can delegate trust to other CAs by signing the secondary CA's certificate. This creates a certificate "chain." In this way, a trusted third party (the CA) vouches for the authenticity of the certificate, and the method used to vouch is a digital signature included in the certificate.

Using the Certifying Authority page, you can add and delete certificates.

Important:
All CA certificates in the certification path must be added. If any CA certificate is not added, the certificate path will not be built, and document processing will fail.

Adding new certificates

To add new public certificates to the Certifying Authority, use the following procedure.

Note:
When you upload a CA certificate, be sure to upload the corresponding CA certificate chain.

  1. Click the Security tab, then click Certifying Authority in the navigation bar. The Certifying Authority page appears.
  2. Click the Add New Certificate button. The Certifying Authority page appears.
  3. Click the Browse button. The File Upload dialog box appears.
  4. Navigate to the location where the certificate you want to add is located. Then click the certificate and click the Open button. The path where the certificate resides appears in the Certifying Authority page.
  5. Click the Submit button. The certificate is added to WebSphere Partner Gateway - Express and its name appears in the Certifying Authority page.
    Important:
    If the certificate contains a noncompliant key usage, a warning message appears asking if you want to continue to upload or discard the certificate. If you choose to continue to upload the noncompliant certificate, you must replace it with a compliant certificate before using it.
  6. To add more certificates, repeat steps 2 through 5.

Deleting a certificate

If you no longer need a certificate, use the following procedure to delete it from WebSphere Partner Gateway - Express.

  1. Click the Security tab, then click Certifying Authority in the horizontal navigation bar. The Certifying Authority page appears.
  2. In the Delete column, click the Delete Certificate/Key icon that corresponds to the certificate you want to delete. A confirmation dialogue box appears, asking you to confirm that you want to proceed with the deletion.
  3. Click OK to delete the certificate or Cancel to retain it.

Copyright IBM Corp. 2003, 2005