Extract Required Certificates and CRLs from a Single SSL Certificate
If the Certificate Authority provides all the required certificates and certificate revocation information in a single certificate file, use this procedure to extract those items from that certificate.
3-4
If the Certificate Authority provides all the required certificates and certificate revocation information in a single certificate file, use this procedure to extract those items from that certificate.
Follow these steps:
- Copy the certificate to a convenient location on a local Windows computer.
- InWindows Explorer, navigate to the location of the certificate file and open it.ACertificatedialog opens.
/content/examplecertificate_main.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select theCertification Pathtab, where the trusted root CA is displayed at the top of theCertification Pathpane, your device certificate at the bottom, and intermediate certificates in between.
- Select theDetailstab.
- Scroll down and select theCRL Distribution Pointsfield.The value appears in the window under the fields list.
/content/example_crl_url.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select and copy the URL value.
- Paste the URL into a browser.When prompted to open or save the CRL file, selectSave. For convenience, save it to same location as the certificate.
- On theCertification Pathtab, select the intermediate certificate.
/content/examplecertificate_intermediate.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select theView Certificatebutton.A newCertificatedialog opens for the intermediate certificate.
/content/examplecertificate_intermediate_view.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select theDetailstab on theCertificatedialog for the intermediate certificate.
/content/copycerttofile.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select theCopy to Filebutton to save this certificate.TheCertificate Export Wizardopens.
- Follow the prompts in the wizard. For convenience, save the certificate to same location as the device certificate and CRL file.
- Return to the openDetailstab of the intermediate certificate dialog.
- Scroll to theCRL Distribution Pointfield.
- Copy the URL of the CRL Distribution Point as you did for the device certificate.
- Paste the URL into a browser.When prompted to open or save the CRL file, selectSave. For convenience, save the intermediate certificate to same location as the certificates and other CRL.
- On theCertification Pathtab, select the root certificate.
/content/examplecert_root.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select theView Certificatebutton.A newCertificatedialog opens for the root certificate.
/content/examplecert_root_view.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
- Select theDetailstab on the root certificate.
- Select theCopy to Filebutton to save this certificate.TheCertificate Export Wizardopens.
- Follow the prompts in the wizard. For convenience, save the root certificate to same location as the other certificates and CRL files.
The root certificate does not have a CRL Distribution Point field.
You should now have certificate files for each level of the Certification Path, and CRLs for all but the root certificate.