5.4. Requesting and Receiving Certificates
5.4.1. Requesting and Receiving a Certificate through the End-Entities Page
- Certificate Request Type. This is either PKCS#10 or CRMF. Certificate requests created through the subsystem administrative console are PKCS #10; those created through the
certutiltool and other utilities are usually PKCS #10.
- Certificate Request. Paste the base-64 encoded blob, including the
-----BEGIN NEW CERTIFICATE REQUEST-----and
-----END NEW CERTIFICATE REQUEST-----marker lines.
- Requester Name. This is the common name of the person requesting the certificate.
- Requester Email. This is the email address of the requester. The agent or CA system will use this address to contact the requester when the certificate is issued. For example,
- Requester Phone. This is the contact phone number of the requester.
- Open the Certificate Manager end-entities page, for example:
- Click the Retrieval tab.
- Fill in the request ID number that was created when the certificate request was submitted, and click.
- The next page shows the status of the certificate request. If the status is
complete, then there is a link to the certificate. Click the Issued certificate link.
- The new certificate information is shown in pretty-print format, in base-64 encoded format, and in PKCS #7 format.The following actions can be taken through this page:
- To install this certificate on a server or other application, scroll down to the Installing This Certificate in a Server section, which contains the base-64 encoded certificate.
- Copy the base-64 encoded certificate, including the
-----END CERTIFICATE-----marker lines, to a text file. Save the text file, and use it to store a copy of the certificate in the security module of the entity where the private key resides. See Section 18.104.22.168, “Creating Users”.