IBM HTTP Server

Installing certifications on IBM HTTP Server

IKEYMAN for Certificate Installation

Digi-Sign sends more than one certificate. In addition to the certificate for your server Digi-Sign send an Intermediate CA Certificate (the Digi-Sign certificate) and a Root CA Certificate (UTN-USERFirst-Hardware). Before installing the server certificate, install both of these certificates. Follow the instructions in 'Storing a CA certificate'.

NOTE:If the authority who issues the certificate is not a trusted CA in the key database, you must first store the CA certificate and designate the CA as a trusted CA. Then you can receive your CA-signed certificate into the database. You cannot receive a CA-signed certificate from a CA who is not a trusted CA. For instructions see 'Storing a CA certificate'

Storing a CA Certificate:

• Enter IKEYMAN on a command line on UNIX, or start the Key Management utility in the IBM HTTP Server folder on Windows.
• Select "Key Database File" from the main User Interface, select Open.
• In the Open dialog box, select your key database name. Click OK.
• In the Password Prompt dialog box, enter your password and click OK.
• Select "Signer Certificates" in the Key Database content frame, click the Add button.
• In the Add CA Certificate from a File dialog box, select the certificate to add or use the Browse option to locate the certificate. Click OK.
• In the Label dialog box, enter a label name and click OK.

To receive the CA-signed certificate into a key database:

• Enter IKEYMAN on a command line on UNIX, or start the Key Management utility in the IBM HTTP Server folder on Windows.
• Select "Key Database File" from the main User Interface, select Open.
• In the Open dialog box, select your key database name. Click OK.
• In the Password Prompt dialog box, enter your password, click OK.
• Select Personal Certificates in the Key Database content frame and then click the Receive button.
• In the Receive Certificate from a File dialog box, select the certificate file. Click OK.