Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure communications
Extract a signer certificate from a personal certificate
Personal certificates contain a private key and a public key. We can extract the public key, called the signer certificate, to a file, then import the certificate into another keystore. The client requires the signer portion of a personal certificate for Security Socket Layer (SSL) communication. The keystore that contains a personal certificate must already exist.
Alternative Method: To extract a signer certificate from a personal certificate using wsadmin, use the extractCertificate command of the AdminTask object. See the PersonalCertificateCommands command group article. Complete the following steps in the admin console:
Procedure
- Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > keystore .
- Under Additional Properties, click Personal certificates.
- Select a personal certificate.
- Click Extract.
- Type the full path for the certificate file name. The signer certificate is written to this certificate file.
- Select a data type from the list.
- Click Apply.
Results
The signer portion of the personal certificate is stored in the file provided.
What to do next
This signer can now be imported into other keystores.
Related
Extract certificate
Extract signer certificate
Retrive signers using the retrieveSigners utility at the client
Change the signer auto-exchange prompt at the client
SSL configurations
Dynamic outbound selection of SSL configurations
Keystore configurations for SSL
Related
PersonalCertificateCommands command group