Sun Java System Web Server 6.1 SP11 Administrator's Guide

Requesting and Installing a VeriSign Certificate

VeriSign is the Sun Java System Web Server’s preferred certificate authority. VeriSign’s VICE protocol simplifies the certificate request process. VeriSign has the capability to return their certificate directly to your server.

After creating a certificate trust database for your server, you can request a certificate and submit it to a Certificate Authority (CA). If your company has its own internal CA, request your certificate from them. If you plan to purchase your certificate from a commercial CA, choose a CA and ask for the specific format of the information they require. A list of available certificate authorities including links to their sites, is available on the Request a Certificate page. For more information on what CAs may require, a list of Certificate Authorities is available through both Server Administrator, and Server Manager Security Pages under Request a Certificate.

The Administration Server can have only one server certificate. Each server instance can have its own server certificate. You can select a server instance certificate for each virtual server.

ProcedureTo request a VeriSign certificate

  1. Access either the Administration Server or the Server Manager and choose the Security tab.

    From the Server Manager you must first select the server instance from the drop-down list.

  2. Click the Request VeriSign Certificate link.

  3. Review the steps required.

  4. Click OK.

  5. Follow the VeriSign procedure.

ProcedureTo install a VeriSign certificate

If you request and receive approval for a VeriSign certificate, it should appear in the drop-down list of the Install VeriSign Certificate page in one to three days. To install a VeriSign Certificate, perform the following steps:

  1. Access either the Administration Server or the Server Manager and choose the Security tab.

    From the Server Manager you must first select the server instance from the drop-down list.

  2. Click the Install VeriSign Certificate link.

  3. Choose internal (software) from the drop-down list for cryptographic module, unless you will use an external encryption module.

  4. Enter your Key Pair File Password or PIN.

  5. Select the Transaction ID to Retrieve from the drop-down list.

    You will usually want the last one.

  6. Click OK.

  7. For the Server Manager, click Apply.

  8. Restart the server for changes to take effect.