Extracting the CA part of a self-signed certificate from a key repository

 

Perform the following steps on the machine from which you want to extract the CA part of a self-signed certificate:

1. Start the iKeyman GUI using either the gsk7ikm command (on UNIX) or the strmqikm command (on Windows).

2. From the Key Database File menu, click Open. The Open window displays.

3. Click Key database type and select CMS (Certificate Management System).

4. Click Browse to navigate to the directory that contains the key database files.

5. Select the key database file to which you want to add the certificate, for example key.kdb.

6. Click Open. The Password Prompt window displays.

7. Type the password you set when you created the key database and click OK. The name of your key database file displays in the File Name field.

8. In the Key database content field, select Personal Certificates and select the certificate you want to extract.

9. Click Extract certificate. The Extract a Certificate to a File window displays.

10. Select the Data type of the certificate, for example Base64-encoded ASCII data for a file with the .arm extension.

11. Type the certificate file name and location where you want to store the certificate, or click Browse to select the name and location.

12. Click OK. The certificate is written to the file you specified. Note that when you extract (rather than export) a certificate, only the public part of the certificate is included, so a password is not required.

 

Parent topic:

Transferring certificates

sy12320_