Associating your public key with certificate authorities
This section contains information regarding trusted certificate authorities (CAs) on the IBM HTTP Server, along with supported CA software. Links to related information appear at the end of this section.
- Listing trusted certificate authorities on the IBM HTTP Server
- Identifying supported certificate authority software
- Finding related information
Associate your public key with a digitally signed certificate from a certificate authority (CA), designated as a trusted root CA on your server. You can buy a signed certificate by submitting a certificate request to a certificate authority provider. The default certificate request file name is certreq.arm. The certificate request file is a PKCS 10 file, in Base64-encoded format. The IBM HTTP Server supports the following external CAs:
Listing trusted certificate authorities on the IBM HTTP Server
By default, the following list contains designated trusted CAs on the IBM HTTP Server:
- RSA Secure Server Certification Authority
- Thawte Personal Basic CA
- Thawte Personal Freemail CA
- Thawte Personal Premium CA
- Thawte Premium Server CA
- Thawte Server CA
- VeriSign Class 1 CA Individual-Persona Not Validated
- VeriSign Class 2 CA Individual-Persona Not Validated
- VeriSign Class 3 CA Individual-Persona Not Validated
- VeriSign Class 1 Public Primary Certification Authority
- VeriSign Class 2 Public Primary Certification Authority
- VeriSign Class 3 Public Primary Certification Authority
- VeriSign Test CA Root Certificate
Identifying supported certificate authority software
The IBM HTTP Server supports the following certificate authority (CA) software:
- Any X.509-compliant certificate authority
- Entrust
- Netscape Certificate Server
- Tivoli PKI
- XCert
| Finding related information |
(Back to the top)