 |
|
SSL Certificates Support
|
Backup a Certificate
When you backup an SSL certificate, the system copies
the private key into an encrypted file. The private key was created
on the server when the Certificate Signing Request (CSR) was generated.
Select the correct software vendor and version below for backup instructions.
Microsoft IIS Version 4.0
- Open the Microsoft Management Console: Start > Programs
> Windows NT 4.0 Option Pack > Microsoft Internet Information
Server > Internet Service Manager.
- Right-click the Web site containing the certificate and select
Properties.
- Click the Directory Security tab.
- In the Secure
Communications section, click Edit.
- Click Key Manager.
- Select the key to export.
- On the menu
bar, select
Key > Export Key > Backup File.
- A message warns
you about placing sensitive information in a file on your hard drive. Click OK.
- Specify the name of the file that will hold the exported key. Click Save.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
Microsoft IIS Version 5.0
- In the Internet Information Services snap-in, right-click the Web site you want to manage,
and then select Properties.
- On the Directory Security
tab, click View Certificate.
This displays the Certificate dialogue box.
- Select the Details tab
and then select Copy To File. This starts the Certificate Export Wizard. Click Next.
- You can export
the certificate file with or without the associated private key. If
you want to export the private key, select the Yes option. Otherwise, select the No option. Click Next.
- The next page
lets you choose the export file format. The default format should be
adequate, so note the format that will be used. IMPORTANT: Select - Include all certificates in the path.
- If you elected
to export the private key, you must now set a password for the certificate
file. After you type and then confirm the password in the fields provided,
click Next.
- Specify the
name of the file you want to export. Click Browse if you want to use the Save As dialogue box to set the file location and name.
- Click Next and then click Finish. Click OK to confirm a successful export. Click OK twice more to return to the Internet Information Services
snap-in.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
Microsoft IIS Version 6.0
- In the
Internet Information Services snap-in, right-click the Web site you
want to manage, and then select Properties.
- On the
Directory Security tab, click View Certificate. This displays the Certificate
dialogue box.
- Select
the Details tab and then select Copy To File. This starts the Certificate
Export Wizard. Click Next.
- You can
export the certificate file with or without the associated private key.
If you want to export the private key, select the Yes option. Otherwise,
select the No option. Click Next.
- The next
page lets you choose the export file format. The default format should
be adequate, so note the format that will be used. IMPORTANT:
Select - Include all certificates in the path.
- If you
elected to export the private key, you must now set a password for the
certificate file. After you type and then confirm the password in the
fields provided, click Next.
- Specify
the name of the file you want to export. Click Browse if you want to
use the Save As dialogue box to set the file location and name.
- Click Next
and then click Finish. Click OK to confirm a successful export. Click OK twice more to return to the Internet Information Services
snap-in.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
Apache
- Locate the private key and certificate files. The following
directives in the httpd.conf point to the location of the key and certificate
files:
SSLCertificateFile .../path/to/mycertfile.crt
SSLCertificateKeyFile
.../path/to/mykeyfile.key
- Copy the .key file, the .crt file, and the httpd.conf file
onto a diskette or CD.
<filename>.key -
private key
<filename>.crt –
public certificate
httpd.conf – Web server
configuration file
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
iPlanet Version 4.0
- Locate the alias directory within the iPlanet directory.
- Locate the files: https < server_name > cert7.db and
https <server_name> key3.db
- Copy them.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
iPlanet Version 6.0
- Locate the alias directory within the iPlanet directory.
- Locate the files: https < server_name > cert7.db and
https <server_name> key3.db
- Copy them.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
IBM Websphere Server
- Type ikeyman on a command line on UNIX or start the Key Management utility in the IBM Websphere Server
folder.
- Select Key Database File from the main menu, and then select Open.
- In the Open
dialog box, type your key
database name or
click the key.kdb file if you are using the default. Click OK.
- In the Password
Prompt dialogue box, type your password, and click OK.
- Select Personal Certificates in the Key Database content frame,
and then click
the Export/Import button on the label.
- In the Export/Import
Key window, select
Export Key.
- Select the key database file type.
- Type the file name or browse and select the location and file name, and then click OK.
- In the Password
Prompt dialogue box, type the password, and then click OK.
- In the Select
from Key Label list, select the correct label name and click OK.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
Tomcat
- Navigate to
the SSL Directory where the SSL Keystore is kept. By default this can
be a hidden directory. For example: /root/.keystore
- Make a copy
of the keystore file in this directory. This contains your Private and
Public keys.
VeriSign highly recommends that you save the file
to a diskette or CD and store it in a safe place.
|
|
|
