Updated on 2024-06-25 GMT+08:00

Downloading a Private Certificate

Before using a private certificate, you need to download it. Only downloaded certificate can be assigned to the corresponding certificate subject so that they can install and use the certificate.

This topic describes how to download a private certificate. Only certificates in the Issued state can be downloaded.

Prerequisites

Your private certificate is in the Issued state. For details, see Applying for a Private Certificate.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Security & Compliance > Cloud Certificate Management Service. In the navigation pane on the left, choose Private Certificate Management > Private Certificate. The Private Certificate page is displayed.
  3. Locate the row of the desired private certificate and click Download in the Operation column.

    Figure 1 Downloading a private certificate

  4. Click the target tab based on your server type and click Download Certificate.

    PCA will use the download tool provided by the browser to download the private certificate to the specified local directory.

Installing a Private Certificate

A private certificate must be installed on the corresponding server. The installation procedure for private certificates is the same as that for SSL certificates. You can refer to Table 1.

Description of Downloaded Certificate Files

The downloaded certificate files vary depending on the CSR file type (System generated CSR or Upload a CSR) configured when you apply for a private certificate.

  • System generated CSR
    Table 2 describes the downloaded files.
    Table 2 Description of downloaded files (1)

    Server Type

    Files in the Package

    Tomcat

    keystorePass.txt: certificate password

    server.jks: certificate file

    Nginx

    server.crt: certificate files, containing the server certificate and certificate chain

    server.key: certificate private key file

    Apache

    chain.crt: certificate chain file

    server.crt: certificate file

    server.key: certificate private key file

    IIS

    keystorePass.txt: certificate password

    server.pfx: certificate file

    Others

    chain.pem: certificate chain file

    server.key: certificate private key file

    server.pem: certificate file

  • Upload a CSR

    Table 3 describes the downloaded files.

    Table 3 Description of downloaded files (2)

    Server Type

    Files in the Package

    Tomcat

    server.crt: certificate file

    chain.crt: certificate chain file

    Nginx

    server.crt: certificate file

    Apache

    server.crt: certificate file

    chain.crt: certificate chain file

    IIS

    server.crt: certificate file

    chain.crt: certificate chain file

    Others

    cert.pem: certificate file

    chain.pem: certificate chain file