Certificate Exchange

If using a self-signed CA for the AEM certificate, like above, send the certificate or internal Certification Authority (CA) certificate to the API provider.

Also, if the API provider is using a self-signed CA certificate, receive the certificate or internal Certification Authority (CA) certificate from the API provider.

Certificate Import

To import AEM’s certificate, follow the below steps:

  1. Log in to AEM Author as an administrator.

  2. Navigate to AEM Author > Tools > Security > Users > Create or Select an existing user.

    Create or Select an existing user

    For demo purposes, a new user named mtl-demo-user is created.

  3. To open the User Properties, click the user name.

  4. Click Keystore tab and then click Create Keystore button. Then in the Set KeyStore Access Password dialog, set a password for this user’s keystore and click Save.

    Create Keystore

  5. In the new screen, under the ADD PRIVATE KEY FROM DER FILE section, follow the below steps:

    1. Enter Alias

    2. Import the AEM Private Key in DER format, generated above.

    3. Import the Certificate Chain Files, generated above.

    4. Click Submit

      Import AEM Private Key

  6. Verify that the certificate is imported successfully.

    AEM Private Key & Certificate Imported

If the API provider is using a self-signed CA certificate, import the received certificate into AEM’s TrustStore, follow the steps from here.

Likewise, if AEM is using self-signed CA certificate, request the API provider to import it.