A certificate is a *.cer file containing information about the owner of the certificate, its date of issue, a serial number or other uniquely identifying detail. Certificates are used by the Secure Sockets Layer (SSL) protocol to establish a secure connection between two systems and are found as part of the configuration of a number of Rhapsody components, including the Asymmetric Cryptography and Signing / Verifying XML filters, and the TCP Client and Server communication points.
To manage SSL private keys, refer to Managing SSL Private Keys.
Viewing SSL Certificates
To view the SSL Certificates registered on the Rhapsody server, navigate to View>Certificate and Key Manager to display the Certificate and Key Manager and select the SSL Certificates tab:
The tab provides the following information:
|
Field
|
Description
|
|---|---|
| Name | The name of the SSL certificate. |
| Issued To | The name of the end user the SSL certificate is issued to. |
| Issued By | The name of the certificate authority the SSL certificate is issued by. |
| Expiration Date |
The date the SSL certificate expires. You can set up a notification to alert you when an SSL certificate used within Rhapsody is close to expiring or has expired. For details, refer to the SSL Certificate Expiry notification on the System Monitor page in the Management Console. |
You can perform the following actions from the tab via buttons or the right-click menu:
|
Action
|
Description
|
|---|---|
| Import... | Add an SSL certificate. |
| Export... | Save an SSL certificate for exporting. |
| Remove | Delete an SSL certificate. |
| Show Uses | Open the Security Object Uses dialog to display the components an SSL certificate is being used in. Double-click a component to view or edit its configuration properties. |
| Filter | Perform text-based filtering to filter the list of displayed SSL certificate. |
Importing an SSL Certificate
You can import an SSL certificate (*.cer file) that has previously been obtained from a recognized certification authority such as Microsoft®, Verisign or Thwaite, or exported from another Rhapsody installation.
To import an SSL certificate:
- Navigate to View>Certificate and Key Manager.
On the SSL Certificates tab, select the Import... button. The Import SSL Certificate dialog is displayed:
- Enter:
- A name in the Certificate Alias field to identify the SSL certificate, if required.
- The path of the SSL certificate you want to import in the Filename field or click the Browse link to locate it.
- The password to decrypt the file in the Password field, if required.
- Select the Import button to import the certificate.
If the imported certificate includes the owner's private key, the information in the file is encrypted and you must enter the password used to encrypt the file to view its contents.
Exporting an SSL Certificate
You can also export an SSL certificate as a *.cer file, then import it on another Rhapsody server. Only the owner's public key is included in an exported file. Use the SSL Private Keys tab to export a private key. Refer to Exporting a Private Key for details.
To export an SSL certificate:
- Navigate to View>Certificate and Key Manager.
- On the SSL Certificates tab, select a certificate, and then select the Export... button.
- Decide where you want to store the certificate, and then select the Save button.
Removing an SSL Certificate
Deleting an SSL certificate automatically deletes the private key associated with the certificate.
To delete an SSL certificate and private key pair:
- Navigate to View>Certificate and Key Manager.
- On the SSL Certificates tab, select the key you want to remove.
Select the Remove button. A confirmation dialog is displayed with the following message:
The certificate associated with this private key will be automatically removed when you remove the private key. Are you sure you want to delete private key "<name>" from the server?- Select the Yes button to remove the key (you can undo the deletion by selecting the Undo Remove button).