How to install and configure a certificate from a Certificate Authority?

Answer

1. Request CA certificate from either iKeyman or using ISC console - which will be in .arm file to export.
   http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.nd.multiplatform.doc/info/ae/ae/tsec_sslcreateCArequest.html
2. Send the .arm file to CA Third-party authority to sign.
3. CA Third-party authority will sign and send back a Personal Certificate as well as a Public Signer, sometimes they send back only a Personal Certificate after singing, they assume that you have their third-party signer.
4. Add signer to the keyStore and then received the personal into the keyStore
   http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.nd.multiplatform.doc/info/ae/ae/tsec_sslreceiveCAcert.html
5. Export the personal certificate and then import to signer section of the trustStore or use Exchange Signer from console by selecting keyStore and trustStore to exchange.
6. Map the new CA certificate to an endpoint. You can do this from the Administrative console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > select server from {Inbound | Outbound} > ssl_configuration. Select a scope for the SSL configuration and select the certificate under Certificate alias in keyStore.
   http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/usec_sslconfigscopes.html