Using a self-signed certificate
If you decide not to purchase a CA's certificate, you can create your own (self-signed) server or client certificate. You can also use a self-signed certificate while you are waiting for a certificate from a CA, which can take some time.
To create and use a self-signed certificate:
- On a Windows NT server, use a trusted open source Certificate Management tool.
- On an AIX server, enter CertificateManagement from a command prompt. The default location of the AIX script is /opt/HCL/ server_dir/bin. Refer to Running Certificate Management on AIX for additional information.
- Follow the instructions in the Help to create the self-signed certificate.
- If this is a server certificate, store it in the database and then make it available to clients. If this is a client certificate, store it in the database, export it to a password-protected PKCS12 file and then send the file and its password to the user. Make sure the file is secure when sent to the user. If a non-secure protocol such as e-mail, http or ftp is used to send the file over the Internet, the certificate's security can be compromised.
- Exit Certificate Management.
Related topic: