× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I THINK this is what you're looking for:
https://www.ibm.com/support/pages/how-import-certificates-p12-or-pfx-extensi
ons

First question: is the file password protected?
Second question: did they give you the private key?
Third question: what exactly does your netadmin mean by "tie it to their
secure website"? Are you hosting a webserver on your 400 for employee
access?

What Brad mentioned is how I've done it as well. But the details of what
exactly they gave you will help a bit more. Typically if you're going to
import SSL certificates, you'll import the whole chain including the private
key bundled in the PKCS12 format (which should be password protected). Since
you didn't generate the CSR, you don't have the private key on your 400, and
hence you can't use just the wildcard public certificate for enabling SSL on
your 400 apps. You'd need the private key from the machine that generated
the CSR as well.

The only other alternative I can think of is that they intended to give you
the Signer (Root) Certificate of their wildcard cert, so that way you could
import it in DCM and then your 400 would trust their site(s).

Have you tried double clicking the file on a Windows machine to see what
metadata comes back, or opening it in notepad?

-----------------------------------------
Jacob Banda
-----------------------------------------



-----Original Message-----
date: Mon, 1 Mar 2021 16:33:00 -0600
from: Brad Stone <bvstone@xxxxxxxxx>
subject: Re: How do I import .crt certificate that was generated by
csr on another system?

The only way I've been able to do this (this is from memory since it's
rare) is if the cert is exported with a password. Then importing it you'll
use the password and don't need a CSR.

I could be wrong.. but that is how I remember doing it when moving a
certificate from one IBM i to another.

On Mon, Mar 1, 2021 at 4:31 PM Tom Hightower <tomh@xxxxxxxxxxx> wrote:

I've been given a .crt certificate file from the netadmin, requesting that
I import it the 400 and tie it to their secure website. It's issued to *.
company.com.

I've done similar before after a generating the .csr on the 400, getting
the certificate from the vendor, then importing the received certificate.
If I just try to 'Import Certificate' (Server or client), I get a message
telling me 'No request key is found for the certificate.'

What's the process for importing a crt certificate without first
generating a csr?

Thanks!
TomH


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.