In addition to generating self-signed user certificates and replacing these with CA-signed user certificates, you can import user and CA certificates from scratch.
User certificates must always have an associated private key. When importing a user certificate, a private key must also be supplied. This is not the case with CA certificates. The Certificate Authority keeps its own private keys.
Importing user certificates and private keys (one PKCS12 file)
You can import a user certificate and private key together. A PKCS#12 file is password encrypted and contains both a certificate/certificate chain and the corresponding private key.
- In the web UI, go to Certificates button in the tool bar. . In the native UI, go to or click the
- Right-click the Users store in the tree pane and select
- Type a new user alias.
- Enter the password of the private key being imported. If the private key is unprotected (that is, it does not have a password), enter a password and select Add password to unprotected key.
- Select Personal Information Exchange-PKCS #12 (.P12).
- Enter or browse for the PKCS12 filename. The PKCS12 file extension does not matter, as long as it is a valid PKCS12 file.
- Click Import to import the user certificate (possibly with chain) and the private key.
Importing user certificates with private keys (two files)
You can import a user certificate and private key separately.
- In the web UI, go to Certificates button in the tool bar. . In the native UI, go to or click the
- Right-click the Users store in the tree pane and select
- Enter a new user alias.
- Enter the password of the private key being imported. If the private key is unprotected (does not have a password), enter the desired password and select Add password to unprotected key.
- Select Certificate file and Private Key file.
- Enter or browse for the certificate filename and the private key filename. The certificate file extension does not matter. The Certificate Manager will determine automatically whether just one certificate (CER/DER) or a certificate chain (P7B) is included.
- Click Import to import the user certificate (possibly with chain) and the private key.
Importing CA certificates
You can import a CA certificate.
- In the web UI, go to Certificates button in the tool bar. . In the native UI, go to or click the
- Do one of the following:
- Right-click the Trusted CAs store and select
- or the Pending CAs store in the tree pane and select .
- Right-click the Trusted CAs store and select or the Pending CAs store in the tree pane and select . Certificate Manager will automatically detect whether a certificate being imported is an intermediate or root CA.
- Type or browse for the CA certificate filename. The certificate file extension does not matter. The Certificate Manager will automatically determine whether just one certificate (CER/DER) or a certificate chain (P7B) is included.
- Click Import to import the CA certificate/certificate chain.
Comments
0 comments
Please sign in to leave a comment.