This portlet allows the user to list public key certificates, import trusted certificates, generate a key pair, generate a Certificate Signing Request (CSR) and import a Certificate Authority (CA) reply. This portlet also provides information about the type of keystore, the number of key pairs and trusted certificates stored in the keystore (the keystore size), and the location of the keystore.

From the main portlet, the user can "view" a trusted certificate or key pair.

import trusted certificate

If the user has a trusted certificate, it can be imported using the"import trusted certificate" tool. Browse for the certificate file, click on the "View Certificate" button, enter an alias, in the"Alias" text box, then click on the "Import" button. "Cancel" at any time before clicking on "Import."

generate key pair

This tool allows the user to generate a public/private key pair. This key pair could be used later to create a trusted certificate. Fill in the text boxes and click on the "submit" button to generate the key pair. All fields can be blanked out by clicking "reset." To generate the key pair, click on "submit." The fields are defined as follows:

Alias	A name to identify the key pair.
Validity	The number of days the key pair will remain valid. This field requires a number to be entered.

The following fields are X.500 Distinguished Names.

Common Name (CN)	Common name of a person, such as, Joe Smith.
Organizational Unit(OU)	Small organization, e.g., department or division, for example, Sales.
Organization Name(ON)	Large organization, such as the company name.
Locality (L)	City name, e.g., El Segundo.
State (ST)	State name, e.g., California or CA.
Country (C)	Two-letter country code, e.g., US.

view

To view a key pair or certificate, click on the "view" link to the left of it. If the user is viewing a key pair, the "view" pane provides access to three more links "generate CSR", "import CA reply", and "keystore list" which are defined next:

generate CSR

This tool generates a Certificate Signing Request. The CSR can be sent to a Certificate Authority (CA), such as Verisign. To submit the CSR to a CA follow the CA's instructions. After the CA sends back a reply, the Gluecode Standard Edition console can be used to import it via the "import CA reply" tool.

import CA reply

After the Certificate Authority (CA) has sent back a signed, trusted certificate, it can be imported into the Gluecode Standard Edition server. Cut and paste the Certificate Authority's reply in this window and click on "Save." To cancel an import click on "Cancel" before doing a "Save."

keystore list

This link returns the user to the main Certificate management portlet.