You will have to pardon my ignorance as this is my first time setting up SSL
certificates.
Yesterday we created a new Certificate Signing Request (CSR) and submitted
it to Verisign. They have sent us back a certificate, but when I go to
import it, I get this message:
An error occurred during certificate validation. The issuer of the
certificate may not be in the certificate store or the issuer may not be
enabled
The CSR we generated had to have a 2048 key to comply with new standards
Verisign has in place. I believe the new standards don't go into affect
until 2012 or 2013, but we were renewing for 3 years, so they made us use
the longer key.
My first question is: does IBM i support the 2048 key?
Next, when I created the certificate, I did not create the it in the *SYSTEM
Certificate Store. I realized I had messed that up after we had sent the
CSR to Verisign. I was hoping we could just move the certificate to the
appropriate store after the fact (export and then import). Currently I am
handling all this in the *OBJECTSIGNING store. Two questions:
Would the certificate store I am using cause this issue?
Will I be able to move the certificate to the *SYSTEM certificate store, as
I am hoping, or do I need to start over?
Thanks for the help.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.