To obtain a certificate from a certificate authority, submit a certificate signing request (CSR) using the key management utility (iKeyman). You can request either production or test certificates from a CA with a CSR. With the key management utility, generating a certificate signing request also generates a private key for the application for which the certificate is requested. The private key remains in the application keystore file, so it stays private. The public key is included in the certificate requested.
Before you begin
For information on how to create a certificate signing request from a key database file, see the http://www.ibm.com/developerworks/java/jdk/security/iKeymanDocs.zip file.Steps for this task
cat certreq.arm |tr -d "\r" > new_certreq.arm
Result
The Personal Certificate Requests list shows the key label of the new digital certificate request you just created. Send the file to a CA to request a new digital certificate, or cut and paste the request into the request forms of the CA Web site.What to do next
You need to request a certificate authority-signed digital certificate for your secure WebSphere domain. Once you submit the certificate signing request, wait for the CA to accept the request. After the CA has verified your identity, it sends back the signed certificate usually through e-mail. Receive the signed certificate back to the keystore file from which you generated the CSR.Related tasks
Receiving certificate authority-signed personal certificates
Managing digital certificates