Certificates are only imported in Key Manager when PKCS#10 is generated in ADSS Server and certified externally to use this key for different cryptographic operations. When a PKCS#10 is generated using a service key, it is shown in the certificate list with Pending status.



It can be viewed by clicking on its Certificate Alias or by selecting it and pressing View button from the certificates screen:

The Organization Identifier will only be displayed in the Subject DN if the operator has enabled the 'Legal person semantic identifier' in Certificate Template while creating the required certificate.


The following screen is used for importing the certificate against a pending CSR:

 

A certificate can only be imported when a certificate request is with Pending status. It can not be imported against an Active or Expired certificate.

Importing a P7b certificate file for a Verification Response Signing key will show a warning message if other Key Usage bits are set in addition to digitalSignature and nonRepudiation. Re-import the P7b file after the warning is shown to have the certificate accepted.


See also

Creating CSR/Certificates
Exporting Keys/ Certificates
Searching Certificates
Rekey CSCA Certificates