After you submit a CSR to a Certificate Authority (CA) and receive the CA-signed certificate back, you must replace the user certificate previously generated in Certificate Manager.
If the CA-signed certificate is sent embedded in an email, cut and paste the certificate into a certificate file. This involves copying from the
-----BEGIN CERTIFICATE----- marker to the
-----END CERTIFICATE----- marker (inclusive) into a text editor. The extension you give the certificate file does not really matter. Certificate Manager will automatically determine whether just one certificate (CER/DER) or a certificate chain (P7B) is included. If a certificate chain is found, this means intermediate and/or root CA certificates have been included. These are imported, along with the CA-signed user certificate, into the proper stores.
- In the web UI, go to Certificates button in the tool bar.. In the native UI, go to or click the
- Right-click the user certificate in the tree pane and select
- Enter the private key password. Use the same password that was used to generate the self-signed user certificate.
- Enter or browse for the certificate filename.
Note: In the web UI, you must click Import to display a dialog box where you can enter or browse for a certificate filename, select a file, and then click Open.
- Click Import to replace the user certificate with the CA-signed certificate.
Note: You can repeat this process if a replacement CA-signed certificate is received at a later time.