To establish trust relationships, you can exchange signer
certificates between keystores. When you exchange signer certificates,
you are extracting a personal certificate from one keystore and adding
it to another keystore as a signer certificate.
Before you begin
To exchange signer certificates, there must be two keystores.
About this task
Complete the following steps in the administrative console:
Procedure
- Click Security > SSL certificate and key management >
Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration >
Key stores and certificates.
- Select two keystores from the list of keystores.
- Click Exchange signers.
- Select any of the certificates in the first personal certificates
list, and click Add. After adding, the signer part
of the selected personal certificate appears in the other (second)
keystore signers list.
- Select any of the certificates in the second personal certificates
list, and click Add. After adding, the signer part
of the selected personal certificate appears in the other (first)
keystore signers list.
- Optional: If you need to remove any of the
certificates from either of the signers lists, highlight one or more
of the certificates, and click Remove.
- Click Apply and Save.
Results
The signer certificate appears in the list for each keystore.
What to do next
The extracted signer certificate is available to both keystores
during the connection handshake.