> Expert > CommCell Management > Security > Encrypting Backup Data > Software Encryption > Key Management > Third-Party Key Management > Establishing Trust between the SafeNet KeySecure and the CommServe > Creating a Certificate for the CommServe

Signing the CommServe Certificate with CA

Sign the certificate request with a local certifying authority (CA). You must download the certificate immediately after it is signed by the CA.

Procedure

  1. Open the certificate request in a text editor.

  2. Copy the text of the certificate request. The copied text must include the header (-----BEGIN CERTIFICATE REQUEST-----) and the footer (-----END CERTIFICATE REQUEST-----).

  3. Log on to the SafeNet KeySecure appliance as an administrator with Certificate Authorities access control.

  4. Navigate to the Local Certificate Authority List (Security, CAs & SSL Certificates, Local CAs).

  5. Select the local CA and click Sign Request to access the Sign Certificate Request section.

  6. Modify the fields:

    • Sign with Certificate Authority: Select the CA that signs the request.

    • Certificate Purpose: Select the Client.

    • Certificate Duration (days): Enter the life span of the certificate.

    • Certificate Request: Paste all text from the request, including the header and footer.

  7. Click Sign Request.

  8. The CA Certificate Information section appears.

  9. Click Download.

    The certificate client.crt is downloaded to your local machine.

  10. Copy the client.crt file to CommServe machine.

What To Do Next

Configuring Encryption Key Management using Third-party Key Management Server

Loading...