This topic describes how to use certificate authority to
sign a certificate.
As an example, this topic uses asu_csr.der as
your certificate sign request file.
- Export the certificate sign request file by issuing the
following ASU command: asu
export SSL_LDAP_CLIENT_CSR asu_crs.der --host xx.xx.xx.xx --user USERID
--password PASSW0RD
- Convert the certificate sign request format from .der to .pem.
The following example uses the openssl command: openssl
req -in asu_csr.der -inform DER -out asu_csr.pem -outform PEM
- Sign the certificate sign request by using the certificate
authority you just set up.
The following example uses
the openssl command: openssl ca -policy
policy_anything -out asu_cert.pem -infiles asu_csr.pem
- Convert the certificate format from .pem to .der.
The following example uses the openssl command: openssl
x509 -in asu_cert.pem -inform PEM -out asu_cert.der outform
DER The certificate sign request file is ready to import.
- Import the certificate sign request file by using the ASU command asu
import SSH_SERVER_KEY asu_cert.der --host xx.xx.xx.xx --user USERID
--password PASSW0RD
- Enter the command Openssl x509 -in asu_cert.pem
-inform PEM -out asu_cert.der outform DER.
You receive the signed certificateasu_cert.der for
your certificate sign request file asu_csr.der.