

Add a Client Certificate to smkeydatabase

When you are adding a client certificate to the key database, note the following:

To create and store a client certificate in the smkeydatabase file at the Consumer

  1. Open a command window.
  2. If necessary, create a key database by entering:

    smkeytool -createDB -password fedDB

  3. Generate a key-pair combination.

    For example, to create a private key using the PKCS8 format, enter:

    smkeytool -addPrivKey -alias CompanyA -keyfile idp1pkey.pkcs8 -certfile idp1.crt -password smdb

    This example assumes that you are running smkeytool from the directory where the certificate and key are located, so no file paths are necessary.

    The certificate is now added to the smkeydatabase.

  4. Restart the Policy Server to see the smkeydatabase changes immediately.
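
Before step 3, it is useful to confirm that the key file is in PKCS8 format and that it belongs to the certificate being imported. The following script is an added example, not part of the product documentation; it assumes the openssl command-line tool is installed, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: pre-import check for the files given to "smkeytool -addPrivKey".
# Assumes the openssl CLI is on PATH. Function names are illustrative.

# Print the certificate's public key as PEM; tries PEM input, then DER.
cert_pubkey() {
    openssl x509 -in "$1" -inform PEM -noout -pubkey 2>/dev/null ||
    openssl x509 -in "$1" -inform DER -noout -pubkey 2>/dev/null
}

# Print the public key derived from the private key file; tries PEM, then DER.
# $2 is an optional openssl pass-phrase source such as "file:/path" or "env:VAR",
# which keeps the pass phrase out of the process list. Default: empty pass phrase.
key_pubkey() {
    src=${2:-pass:}
    openssl pkey -in "$1" -inform PEM -passin "$src" -pubout 2>/dev/null ||
    openssl pkey -in "$1" -inform DER -passin "$src" -pubout 2>/dev/null
}

# check_pair CERT KEY [PASS_SOURCE]
# Returns 0 if KEY matches CERT, 1 on mismatch,
# 2 if KEY is a PEM file in traditional (non-PKCS8) format,
# 3 if either file cannot be read or decoded.
check_pair() {
    if grep -Eq -- '-BEGIN (RSA|EC|DSA) PRIVATE KEY-' "$2" 2>/dev/null; then
        echo "key $2 is in traditional format, not PKCS8" >&2
        return 2
    fi
    cpub=$(cert_pubkey "$1") || { echo "cannot read certificate $1" >&2; return 3; }
    kpub=$(key_pubkey "$2" "$3") || { echo "cannot read key $2" >&2; return 3; }
    if [ "$cpub" != "$kpub" ]; then
        echo "certificate $1 and key $2 do not match" >&2
        return 1
    fi
    return 0
}

# Stand-alone use with the file names from the step above:
#   sh check_pair.sh idp1.crt idp1pkey.pkcs8 file:keypass.txt
if [ "$#" -ge 2 ]; then
    check_pair "$@"
fi
```

A return value of 0 means the two files carry the same public key. For an encrypted key, pass the pass phrase through a file or environment variable source rather than typing it on the command line.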