Access the Administration Server and choose the Security tab.
Click the Request Certificate link.
In the form that iPlanet Web Server displays, specify if this is a new certificate or a certificate renewal. Many certificates expire after a set period of time, such as six months or a year. Some CAs will automatically send you a renewal.
Perform the following steps to specify how you want to submit the request for the certificate:
If the CA expects to receive the request in an email message, check CA Email and enter the email address of the CA. For a list of CAs, click List of available certificate authorities.
If you are requesting the certificate from an internal CA that is using Netscape Certificate Server, click CA URL and enter the URL for the Certificate Server. This URL should point to the certificate server's program that handles certificate requests. A sample URL might be: https://CA.mozilla.com:444/cms.
From the drop-down list, select the cryptographic module for the key-pair file you want to use when requesting the certificate.
Type the password for your key-pair file. This is the same password you specified when you created the trust database in Creating a Certificate Trust Database. The server uses the password to get your private key and encrypt a message to the CA. The server then sends both your public key and the encrypted message to the CA. The CA uses the public key to decrypt your message.
Type your identification information. The format of this information varies by CA. For a general description of these fields, see Required CA Information. Note that most of this information usually isn't required for a certificate renewal.
Double-check your work to ensure accuracy. The more accurate the information, the faster your certificate is likely to be approved.
Click OK once you've checked that the information is correct. If your request is going to a certificate server, you'll be prompted to verify the form information before the request is submitted. You should re-read the information and then click OK to submit the request to the certificate server.