Import and Export X.509 Certificates

For an X.509 certificate, you import or export a complete certificate in a single operation.

To export:

1. From the Certificates page, select the menu available in the row for the certificate you want to export. Or open the details page for that certificate and select its Actions menu.

2. In either menu, select Export, then Certificate.

3. Select a location for the export file. By default, this file is called [alias].cer.

To import, use either of two procedures. Select the one appropriate for what you want to do:

• The first procedure replaces a self-signed certificate with a trusted version (one signed by a CA) of the same certificate. (A prerequisite is that you have received a response to a signing request.)

  1. In the Certificates page, locate the row for the self-signed certificate, and open its menu. Or, open the details page for the certificate, and select its Actions menu. In either menu, select Import.

  2. Enter the private key password for the certificate.

  3. Browse for and select the file returned by a CA in response to a signing request, and click the Import button.

  In the Certificates page, the type value for the certificate changes from self-signed to trusted.

• The second procedure imports a new X.509 certificate. You can import a .cer file, or you can import a keystore that contains one or more certificates.

  1. In the Certificates page, click the Import button. An Import page opens.

  2. Select X.509, then choose whether you're importing a certificate or a keystore.

  3. Enter identifying values, which depend on what you have chosen to import. In either case, enter an alias (which, if you're importing a .cer file, need not match its alias). For a keystore, you must also provide a keystore password and a private key password.

  4. Browse for and select the import file.

  5. Select Import and Close.