X.509 Authentication and SSO

Hi,

I'm currently running ECC 6.0 EHP4 on NW 7.01. I'm attempting to setup SSO/Authentication using X.509 certificates.

I have been using the pages on SAP and I have completed everything that is required but I'm having no joy. I have read many threads on here but none seem to give me the details I require I was hoping someone could give me an example of what to do with the following:-

When getting a CA to sign my certificate request (Currently using SAP Test) What do I need to request?

When importing the certificate in to my browser it says "This certificate cannot be verified up to a trusted certificate authority"

SAP is the CA why does it say this?

I also have a question connected with the contents of USREXTID. I have maintained the entries in this table under the External ID Type = DN. Again if someone could give an example I would be very grateful.

Regards,

Andy.