Signing Certificate Sign RequestsAdded by IBM on November 30, 2011 | Version 1 (Original)
|KU2, KU3, KU4: The newly created pairs of keys must be signed to confirm the identity of the associated computer systems. To this, the associated certificate sign requests are signed by a certificate authority.
KU2, KU3, KU4: The newly created pairs of keys must be signed to confirm the identity of the associated computer systems. To this, the associated certificate sign requests are signed by a certificate authority.
The results in certificates contain the following:
The public key of the relevant computer system
Information that identifies the associated computer system
General information about the certificate itself
You can sign the certificate sign requests in two ways:
Parent topic: Certificate Strategy Overview
By a certificate authority that you have configured in the scope of these instructions. In this case, proceed as documented for the relevant certificate authority, continue with section "How to Import a Certificate in the Server Keystore".
By the certificate authority you have configured in “Configuring a simple Certificate Authority”. In this case, proceed as described in section "How to Sign a Certificate Sign Request".
How to Sign Certificate Sign Requests
KU4: Sign the certificate sign request with the certificate authority.
How to Import Certificate in the Server Keystore
KU2, KU3, KU4: To enable the Lotus Sametime computer systems using their keys and associated signed certificates for communication, keys and signed certificates must be combined in the associated PKCS#12
How to Store a provided PKCS#12 File
KU1: If prepared PKCS#12 files are provided for configuring the certificate strategy, you need to store these files on the associated Lotus Sametime computer systems.