Requesting and storing certificates from Certificate Authorities
When you create a key database file, it is pre-configured
with the CA signer (trusted root) certificates of well-known CAs required
to identify the CA from whom the server certificate is issued. CAs
whose signer certificates are not predefined in a key database file
are referred to as unknown CAs. The following well-known CA
signer certificates are automatically stored in a newly created key
database file and marked as trusted root certificates.
- Thawte Personal Premium CA
- Thawte Personal Freemail CA
- Thawte Personal Basic CA
- Thawte Premium Server CA
- Thawte Server CA
- RSA secure server CA (also obtained from VeriSign)
- VeriSign class 4 public primary CA
- VeriSign class 3 public primary CA
- VeriSign class 2 public primary CA
The following sections provide an overview of the steps used to
request and store certificates from well-known and unknown
CAs:
- Creating the certificate request
- Sending the certificate request
- Storing the certificate