

Generate a New Key/Certificate Pair Using the UI or a Third-party Tool

If you do not have a key/certificate pair in the certificate data store, request one from a trusted Certificate Authority. When the CA returns a signed certificate response, import it into the certificate data store.

Generate a certificate request using the Federation Manager UI or using a third-party tool.

When you create a request using the Federation Manager UI, Federation Manager generates a private key and self-signed certificate pair and stores this pair in the certificate data store. Using the generated request, contact a Certificate Authority and fill out the CA certificate request form, pasting the contents of the generated request into the form.

The CA issues a signed certificate response, usually in PKCS #7 format. You can import the signed certificate response into the certificate data store. Importing the signed certificate response replaces the existing self-signed certificate entry of the same alias.

Follow these steps:

  1. Log in to the Federation Manager UI.
  2. From the Certs & Keys tab, select Certificate and Private Keys.

    The View Certificates and Private Keys dialog opens.

  3. Click Request Certificate.

    The Request Certificate dialog opens.

  4. Complete the required fields.

    Note: Click Help for a description of fields, controls, and their respective requirements.

  5. Click Save.

A file that conforms to the PKCS #10 specification is generated.

The browser prompts you to save or open the file, which contains the certificate request. If you do not save this file (or open it and extract the text), Federation Manager still generates the private key and self-signed certificate pair. In that case, use the Generate CSR feature to generate a new certificate signing request and get a new request file for the private key.
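Before pasting the request into the CA form, and again before importing the signed response, it is worth confirming that the saved request is intact and that the response was issued for the same key. The following is an added example, not part of the Federation Manager documentation; it assumes OpenSSL as the third-party tool and PEM-encoded files, and the function and file names are hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check a PKCS #10 request and the CA's PKCS #7
# response with OpenSSL (assumed tool; inputs are assumed PEM-encoded).

# csr_ok CSR: succeed only if the request's self-signature verifies, meaning
# the file is intact and was signed by the private key it names.
# The tool's exit status differs between releases, so match its message.
csr_ok() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK'
}

# pubkey_digest: SHA-256 of the DER form of a PEM public key read on stdin.
pubkey_digest() {
    openssl pkey -pubin -outform DER 2>/dev/null |
        openssl dgst -sha256 -r | cut -d' ' -f1
}

# response_matches_csr CSR P7: succeed if any certificate in the PKCS #7
# response carries the same public key as the request.
# Returns 2 for a bad request, 3 if no temp dir, 1 if no certificate matches.
response_matches_csr() {
    csr_ok "$1" || return 2
    want=$(openssl req -in "$1" -noout -pubkey | pubkey_digest)
    tmp=$(mktemp -d) || return 3
    # Split the response into one PEM file per certificate (it may also
    # contain the CA chain, whose keys will not match).
    openssl pkcs7 -in "$2" -print_certs 2>/dev/null | awk -v d="$tmp" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = d "/cert" n ".pem" }
        out { print > out }
        /-----END CERTIFICATE-----/ { close(out); out = "" }'
    rc=1
    for c in "$tmp"/cert*.pem; do
        [ -f "$c" ] || continue
        got=$(openssl x509 -in "$c" -noout -pubkey | pubkey_digest)
        [ "$got" = "$want" ] && rc=0
    done
    rm -rf "$tmp"
    return $rc
}
```

A non-zero result from `response_matches_csr request.csr response.p7b` means the response does not belong to the key pair behind that request, so it should not be imported over that alias.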