Skip to Content
1

CSR signing by trusted CA

Sep 07, 2017 at 12:24 PM

65

avatar image
Former Member

Hi,

Can anyone provide me any link or steps how can I get my keypair signed by HCI trusted CA.

The CSR is created. How to upload this in Godaddy/Baltimore or any other trusted CA site and get it signed?

One more thing, I can't see keystore option under deployed artifacts of Eclipse now-a-days. Then, how to delpoy system.jks.

Thanks,

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Gayathri Narayana
Sep 07, 2017 at 08:28 PM
1
Share
10 |10000 characters needed characters left characters exceeded
Gayathri Narayana
Sep 07, 2017 at 08:28 PM
0
Show 2 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hi Gayathri,

Thanks for your reply. I have few doubts. Can you please clarify below to make my cxf-endpoint-IFLMAP-hcisbl green.

1) I have created one system.jks file using key explorer. Generated one key pair and generated CSR. Now, I need to sign this using one trusted CA. So I need to contact with some trusted CA and pay for the CA reply. Am I correct?

2) I need to import all 3 certificates of HCI load balance. Should I download it from below link or load balancer should have some separate URL-

https://xxxxx-tmn.hci.eu1.hana.ondemand.com/itspaces

Please reply. It's quite urgent.

0

I also would like to know how signing the CSR from a trusted CA works in real life Scenarios.

Most of the big CAs don't actually issue real Client certificates used for authentication (correct me if I'm wrong there). So would we then Need to have an own intermediate (issuing) CA for our Company that itself is then trusted by an approved CA?

Example:

- thawte Primary Root CA - G3 (Trusted Root CA)

- Example.org Issuing (Issuing CA)

- someclient.example.org (Client Certificate)

Any insights on that from a real life perspective?

Many Thanks

0