Server Configuration > Post Install Server Security > Secure Sockets Layer > Creating Signed Server Certificates
 
Creating Signed Server Certificates
To create a server certificate to be signed by a Certificate Authority (CA), use the keytool utility that is part of the Java Runtime Environment (JRE). For more information on using keytool, see:
http://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html
The following is the general process for creating server certificates:
1. Generate a new certificate for use with the SSL protocol’s public key encryption.
2. Generate a certificate signing request (CSR), and then send the request to a CA.
3. Receive the signed certificate from the CA, and then import the certificate into the keystore (updating the existing self-signed certificate).
* 
If you are creating a self-signed certificate (or a certificate signed by a CA that may not be widely known), contact Integrity Lifecycle Manager Technical Support for assistance.
To create a signed server certificate