Import an external CA

Optionally, you can also import an external certificate. Ensure the certificate is valid and configured to validate certificates before you import it. SecureTransport does not check the validity of the certificate.

A X509 certificate can be imported as a trusted CA in the form of a X509 DER or PEM encoded file.

Note SecureTransport protocol servers and services do not require restart after importing, overwriting, or deleting a trusted certificate.
  1. Select Configure > 3-Generate CA.
  2. SecureTransport displays the Internal CA pane.
  3. Click Import CA.
  4. SecureTransport displays the Import Certificate page.
  5. Enter a password in the field provided. The password is required.
  6. If the CA certificate requires a pass phrase, SecureTransport uses this password. If the certificate does not require a pass phrase, the password is ignored. SecureTransport also uses this password to encrypt the CA private key in the keystore stored in the database and file system.
  7. Specify the certificate by browsing to the PKCS#12 (PEM/DER) file.
  8. Click Import.

Now, SecureTransport uses the imported certificate as Internal CA and signs all certificates generated using that CA.

Note For more information, refer to the topic on importing an external CA in the SecureTransport Administrator's Guide.

Related Links