See below for how to import a root certificate authority that has been created outside PKIaaS.

To import an external root CA:

  1. Open the following URL in a Web browser. 

    https://<hostname>/v2/

    Where <hostname> is the IP address or domain name selected in General.

  2. Log in to the Management Console as the user described in Creating partition administrators
  3. If the user administers more than one partition, select the partition on which to manage certificate authorities and certificates. 

  4. Click Certificate Authorities in the sidebar.

  5. Click Add and select Certificate Authority.

  6. Select External Root Authority.

    CA Type
  7. Click Add and complete the following values. 
  8. Click Create.
  9. Check the details of the created CA — for example, the Serial Number of the certificate signing certificate.

CA Identifier

Write a unique identifier for the new CA in your PKI hierarchy. This identifier:

  • Must contain 2-18 characters
  • Can only include lowercase letters, numbers, hyphens (’-’), and underscores (’_')

After deleting a CA, wait 24 hours before creating a CA with the same identifier.

Friendly Name

Write a descriptive name for the CA in your partition.

Root CA Certificate

Click Choose File and select the file containing the Certificate Signing Certificate of the external CA.