System Administration IBM HTTP Server documentation

Associating your public key with certificate authorities

This section contains information regarding trusted certificate authorities (CAs) on the IBM HTTP Server, along with supported CA software. Links to related information appear at the end of this section.

Associate your public key with a digitally signed certificate from a certificate authority (CA), designated as a trusted root CA on your server. You can buy a signed certificate by submitting a certificate request to a certificate authority provider. The default certificate request file name is certreq.arm. The certificate request file is a PKCS 10 file, in Base64-encoded format. The IBM HTTP Server supports the following external CAs:

Listing trusted certificate authorities on the IBM HTTP Server

By default, the following list contains designated trusted CAs on the IBM HTTP Server:

  • RSA Secure Server Certification Authority
  • Thawte Personal Basic CA
  • Thawte Personal Freemail CA
  • Thawte Personal Premium CA
  • Thawte Premium Server CA
  • Thawte Server CA
  • VeriSign Class 1 CA Individual-Persona Not Validated
  • VeriSign Class 2 CA Individual-Persona Not Validated
  • VeriSign Class 3 CA Individual-Persona Not Validated
  • VeriSign Class 1 Public Primary Certification Authority
  • VeriSign Class 2 Public Primary Certification Authority
  • VeriSign Class 3 Public Primary Certification Authority
  • VeriSign Test CA Root Certificate

Identifying supported certificate authority software

The IBM HTTP Server supports the following certificate authority (CA) software:

 
Finding related information

     (Back to the top)