Federation Manager GuideKeys and Certificates for Secure Federated CommunicationImport Trusted Certificates and Key/Certificate PairsGenerate a Key/Certificate Pair › Import a Signed Certificate Response

Previous Topic: Generate a Certificate Request

Next Topic: Generate a New Certificate Signing Request
Import a Signed Certificate Response

After completing a certificate request and sending it to the Certificate Authority, the Certificate Authority issues a signed certificate response, which you import into the key database. After the signed certificate is imported, the existing self-signed certificate entry of the same alias is replaced.

To import a signed certificate response

  1. From the Certs & Keys tab, select Certificate and Private Keys.

    The View Certificates and Private Keys dialog opens.

  2. Search for the self-signed entry with the same alias.
  3. Select Action, Update Certificate next to the entry that contains the self-signed certificate.

    The Import Certificate and Keys dialog displays.

    Note: You can click Help for a description of fields, controls, and their respective requirements.

  4. Browse to the file you want to import.

    The file should be a .p7 or .p7b file, containing the signed certificate and the corresponding certificate chain. It can also be a .cer or .crt file (base64 PEM file) with the signed certificate without the certificate chain.

  5. Click Next to move to the Select Entries step.

    The Available Entries table is displayed.

  6. Select the checkbox next to the certificate entry you want to import then click Next.

    The Confirm dialog is displayed.

  7. Review the certificate information and click Finish.

The signed certificate is imported into the key database and the self-signed certificate is replaced.

Note: To synchronize the policy engine with the key store immediately after you add or update a new certificate, restart the Federation Manager services. Otherwise, the changes to the key store are not available until the policy engine and key store synchronize. The amount of time for the policy engine and key store to synchronize depends on the configured frequency. You can modify database updates by adjusting the DBUpdateFrequencyMinutes parameter in the smkeydatabase.properties file.

Copyright © 2010 CA. All rights reserved. Email CA about this topic