Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure communications > Create an SSL configuration


Recover deleted certificates in SSL

The SSL configuration contains a keystore created to hold personal certificates that were deleted from other keystores in the configuration. Perform this task to recover deleted certificates.

The SSL configuration contains a keystore created to hold personal certificates that were deleted from other keystores in the configuration. On a stand alone application server the keystore is called NodeDefaultDeletedStore and on a dmgr the keystore is called DmgrDefaultDeletedStore.

When a personal certificate is deleted from a keystore using the admin console or in a script using the deleteCertificate AdminTask, a copy of the certificate is stored in the DmgrDeletedKeyStore or NodeDeletedKeyStore. The personal certificate takes the alias of <keystore>_ <alias> > in the deleted keystore. If the alias name is already used in that deleted keystore a <unique number> is appended to the alias.

A personal certificate can be recovered from the deleted keystore by importing or exporting the personal certificate to a keystore in the configuration. To recover a personal certificate using the admin console perform the following steps:


Procedure

  1. Click Security > SSL certificate and key management.

  2. Under Related Items, click Key stores and certificates.

  3. From the Keystore usages drop-down list, select "Deleted certificates keystore".

  4. Click DmgrDefaultDeletedStore or NodeDefaultDeletedStore.

  5. Under Additional Properties, click Personal certificates.

  6. Select a certificate.

  7. Select Export

  8. Click OK.
  9. Perform the following:

    • • Enter the keystore password of the deleted keystore.
    • • Enter The alias to be assigned to the certificate (in the key store that will receive the certificate).
    • • Select the ‘Managed key store’ radio button.
    • • Select the key store from the drop down list that will receive the certificate.

    • Click Apply then OK.


Results

To recover a personal certificate you can also use the exportCertToManagedKS AdminTask command.
PersonalCertificateCommands command group
Create an SSL configuration

+

Search Tips   |   Advanced Search