Add Intermediate and Root Certificates to CA Spectrum

Use the SSL Certificates administration page to load root and intermediate certificate authority certificates for the CACs.
casp1031
Use the SSL Certificates administration page to load root and intermediate certificate authority certificates for the CACs.
For more information, see the OneClick Administration section.
Follow these steps:
  1. Click Administration in the OneClick home page.
    The Administration Pages open.
  2. Click SSL Certificates in the left side panel.
    The SSL Certificates page opens.
  3. Load the root or intermediate certificate authority Certificates for the CACs in the 'File with Certificate' field.
  4. Enter an appropriate alias name of your choice.
  5. Click Save.
    Restarting the OneClick server is not required after you load each separate certificate. You can wait until you have loaded all of the desired certificates.
  6. Repeat Steps 3-5 for every certificate you want to load.
  7. (Optional) Load the Online Certificate Status Protocol (OCSP) Responder Certificate if you are using (OCSP).
    Record the name of the certificate alias that is associated with this certificate. The alias name is a requirement for a later step.
  8. (Optional) Load the LDAP certificate if you are using SSL to connect to the LDAP server.
  9. Click Restart OneClick Server after you have loaded all of the appropriate certificates.
How to perform key functions:
  1. Go to $SPECTRUM/Java/bin and run ./keytool.exe -help Key and Certificate Management Tool and run the following commands to perform any specific function:  
    -certreq Generates a certificate request 
    -changealias Changes an entry's alias 
    -delete Deletes an entry 
    -exportcert Exports certificate 
    -genkeypair Generates a key pair 
    -genseckey Generates a secret key 
    -gencert Generates certificate from a certificate request 
    -importcert Imports a certificate or a certificate chain
    -importpass Imports a password 
    -importkeystore Imports one or all entries from another keystore 
    -keypasswd Changes the key password of an entry -list Lists entries in a keystore 
    -printcert Prints the content of a certificate 
    -printcertreq Prints the content of a certificate request 
    -printcrl Prints the content of a CRL file 
    -storepasswd Changes the store password of a keystore
Refer to docops page on how to use the keytool!