11.3.8.7. Procedure – Signing your certificates with external CAs

If you have an external CA to sign your certificates and you want to manage these certificates in PNS, complete the following steps.

Tip

The Import and Export operations provide a convenient way to handle certificates signed by external CAs. For details, see Procedure 11.3.8.6, Importing certificates and Procedure 11.3.8.5, Exporting certificates.

  1. Generate a private-public keypair and an associated CSR using the Generate button of the Certificates tab.

  2. Export this CSR into a file using the Export button.

  3. Have the CSR signed.

  4. If the CA approves your identity and signs the certificate, Import it to the PKI system of MS.

    Note

    Make sure the appropriate entity is selected (that is, the signed certificate to the proper CSR is imported) and the Import into selected object option is checked in.

  5. The certificate can now be distributed and used on your machines.