[AIX Solaris HP-UX Linux Windows]

Receiving a signed certificate from a certificate authority

This topic describes how to receive an electronically mailed certificate from a certificate authority (CA), that is designated as a trusted CA on your server. A certificate authority is a trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs.

About this task

The certificate authority can send more than one certificate. In addition to the certificate for your server, the CA can also send additional signing certificates or intermediate CA certificates. For example, Verisign includes an intermediate CA certificate when sending a Global Server ID certificate. Before receiving the server certificate, receive any additional intermediate CA certificates. Follow the instructions in the Storing a CA certificate topic to receive intermediate CA certificates.

Receive the CA-signed certificate into a key database as follows:


  1. Start the IKEYMAN user interface.
  2. Click Key Database File from the main UI, then click Open.
  3. Enter your key database name in the Open dialog box, or click the key.kdb file, if you use the default. Click OK.
  4. Enter your correct password in the Password Prompt dialog box, then click OK.
  5. Click Personal Certificates in the Key database content frame, then click Receive.
  6. Enter the name of a valid Base64-encoded file in the Certificate file name text field in the Receive certificate from a file dialog box. Click OK.