I've asked for and they've provided a zip with several files, including:
cert-req.txt
pfx-password.txt
star_company_com.cer
star_company_com.jks
star_company_com.crt
star_company_com.pfx
They want me to tie the cert to their SSL web server, their non-SSL web server and FTP (those are already secured with a soon-to-expire cert)
Blessings
TomH
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Jacob Banda
Sent: Monday, March 1, 2021 5:32 PM
To: midrange-l@xxxxxxxxxxxxxxxxxx
Subject: Re: How do I import .crt certificate that was generated by csr on another system?
I THINK this is what you're looking for:
https://www.ibm.com/support/pages/how-import-certificates-p12-or-pfx-extensi
ons
First question: is the file password protected?
Second question: did they give you the private key?
Third question: what exactly does your netadmin mean by "tie it to their secure website"? Are you hosting a webserver on your 400 for employee access?
What Brad mentioned is how I've done it as well. But the details of what exactly they gave you will help a bit more. Typically if you're going to import SSL certificates, you'll import the whole chain including the private key bundled in the PKCS12 format (which should be password protected). Since you didn't generate the CSR, you don't have the private key on your 400, and hence you can't use just the wildcard public certificate for enabling SSL on your 400 apps. You'd need the private key from the machine that generated the CSR as well.
The only other alternative I can think of is that they intended to give you the Signer (Root) Certificate of their wildcard cert, so that way you could import it in DCM and then your 400 would trust their site(s).
Have you tried double clicking the file on a Windows machine to see what metadata comes back, or opening it in notepad?
-----------------------------------------
Jacob Banda
-----------------------------------------
midrange.com
