Generating an Administrative Server Certificate

Before you run the Security Proxy Wizard, you must generate or import a certificate for the Adminsitrative Server.

NOTE:If you used an automated installer or the multi-component archive file and then ran a configuration utility, an initial self-signed certificate is generated and you can skip these steps.

If you installed Management and Security Server manually, generate a certificate using Security Setup:

  1. Start your servlet runner and log onto the Administrative WebStation.

  2. In Security Setup, click the Certificates tab.

  3. Generate or import a certificate using the links in the Administer Management and Security Server Certificate section.

    • For evaluation purposes or if you are waiting for your CA-signed certificate, generate a self-signed certificate by clicking the Generate a self-signed certificate link.

    • To use an existing CA-signed certificate, click the Import a signed certificate and private key link.

    • To request a certificate from a Certificate Authority, click the Generate a certificate signing request to a certificate authority link.

  4. Enter the requested information, and then click Submit. For more information about each entry, click Help.

  5. Verify the information. Click Submit to generate the certificate, to generate the certificate signing request (CSR), or to import the key pair. If you generated a self-signed certificate or imported a key pair, proceed to the instructions for Using the Security Proxy Wizard.

  6. If you generated a CSR, you now have a private key. The private key is kept on your server that is physically and electronically secure. Submit the CSR to a commercial certificate authority (CA) or a private CA within your organization. Popular commercial CAs include VeriSign, Thawte, and Entrust. Follow the CA's instructions for submitting your request and obtaining a server certificate. The CA will verify your company information and issue a certificate. This process may take several days.

  7. When you receive the certificate from the CA, restart the Administrative WebStation, go to Security Setup > Certificates, and click the View and process pending certificate signing requests link. Click Process the signed certificate. Specify the requested information and select Install certificate. Click Submit to package the signed public key with your stored private key and install your CA-signed certificate on the Administrative Server.