Trusted Certificates


A Trusted Certificate contains a single certificate. Trusted Certificate entries are represented in KeyStore Explorer by the following icon:     

Trusted Certificates are used to form chains of trust during operations such as importing a CA Reply.

Import a Trusted Certificate


To import a Trusted Certificate:
  1. From the Tools menu, choose Import Trusted Certificate. Alternatively click on the Import Trusted Certificate tool bar button:     
  2. The Import Trusted Certificate dialog will appear.
  3. Select the drive and folder where the certificate file is stored.
  4. Click on the required certificate file or type the filename into the File Name text box.
  5. Click on the Import button.
  6. If the Import Trusted Certificate Trust Check is enabled and KeyStore Explorer cannot establish a trust path from the certificate in the file to an existing self-signed Trusted Certificate in your KeyStore or the Authority Certificates:
    1. The Certificate Details dialog will be displayed.
    2. After viewing the details close the dialog by pressing the OK button.
    3. A further dialog will appear asking if you wish accept the certificate.
    4. Press the Yes button if you wish to trust the certificate and import it and No if you do not. If you answer No the import will abort.
  7. The Trusted Certificate Alias dialog will appear.
  8. Enter the alias of the new Trusted Certificate and press OK.
  9. The new Trusted Certificate entry will appear in the KeyStore Entries table with the chosen alias.

View a Trusted Certificate


To view a Trusted Certificate:
  1. Right-click on the Trusted Certificate entry in the KeyStore Entries table. Select the View Details sub-menu from the pop-up menu and from there choose Certificate Details. Alternatively, double-click the Trusted Certificate entry.
  2. The Certificate Details dialog will appear. After viewing the details close the dialog by pressing the OK button.

View a Trusted Certificate's Public Key


To view a Trusted Certificate's public key:
  1. Right-click on the Trusted Certificate entry in the KeyStore Entries table. Select the View Details sub-menu from the pop-up menu and from there choose Public Key Details.
  2. The Public Key Details dialog will appear. After viewing the details close the dialog by pressing the OK button.

Export a Trusted Certificate


To export a Trusted Certificate:
  1. Right-click on the Trusted Certificate entry in the KeyStore Entries table. Select the Export sub-menu from the pop-up menu and from there choose Export Certificate.
  2. The Export Certificate dialog is displayed.
  3. Select an Export Format. The options available are:
    • X.509 ITU-T standard for public key infrastructure.
    • PKCS #7 RSA public key cryptography standard.
    • PKI Path Certification path.
    • SPC Software Publisher Certificate, Microsoft's certificate format.
  4. Check the PEM checkbox if the exported certificate is to be PEM encoded. PEM encoding is not available for PKI Path and SPC format exports.
  5. Use the Browse button to select an export file.
  6. Press the Export button to commence the export.

Drag Export a Trusted Certificate


To drag export a Trusted Certificate:
  1. Select the Trusted Certificate entry for dragging by pressing and holding the left mouse button over it in the KeyStore entries table.
  2. Use the mouse to drag the entry to the desired export location. For example: the desktop, a folder or an open text document.
  3. Release the left mouse button over the export location.
  4. The entry will be exported. The export format is X.509 PEM.

Export a Trusted Certificate's Public Key as OpenSSL


To export a Trusted Certificate's public key as OpenSSL:
  1. Right-click on the Trusted Certificate entry in the KeyStore Entries table. Select the Export sub-menu from the pop-up menu and from there choose Export Public Key.
  2. The Export Public Key as OpenSSL dialog is displayed.
  3. Check the PEM checkbox if the exported public key is to be PEM encoded.
  4. Use the Browse button to select an export file.
  5. Press the Export button to commence the export.

Cut and Paste a Trusted Certificate


To cut and paste a Trusted Certificate:
  1. Click on the Trusted Certificate entry to select it.
  2. From the Edit menu, choose Cut. Alternatively click on the Cut tool bar button:     
  3. Select the target KeyStore by clicking on its tab.
  4. From the Edit menu, choose Paste. Alternatively click on the Paste tool bar button:     
  5. The Trusted Certificate entry will appear in the target KeyStore Entries table.

Note: KeyStore Explorer has an internal clipboard for cut, copy and paste operations called the buffer. Therefore KeyStore entries cannot be cut or copied from KeyStore Explorer to other applications and vice versa.

Copy and Paste a Trusted Certificate


To copy and paste a Trusted Certificate:
  1. Click on the Trusted Certificate entry to select it.
  2. From the Edit menu, choose Copy. Alternatively click on the Copy tool bar button:     
  3. If copying to a different KeyStore select it by clicking on its tab.
  4. From the Edit menu, choose Paste. Alternatively click on the Paste tool bar button:     
  5. A copy of the Trusted Certificate entry will appear in the target KeyStore Entries table.

Note: KeyStore Explorer has an internal clipboard for cut, copy and paste operations called the buffer. Therefore KeyStore entries cannot be cut or copied from KeyStore Explorer to other applications and vice versa.

Delete a Trusted Certificate


To delete a Trusted Certificate:
  1. Right-click on the Trusted Certificate entry in the KeyStore Entries table. Select Delete from the pop-up menu.
  2. The Trusted Certificate entry will disappear from the KeyStore Entries table.

Rename a Trusted Certificate


To rename a Trusted Certificate:
  1. Right-click on the Trusted Certificate entry in the KeyStore Entries table. Select Rename from the pop-up menu.
  2. The New Entry Alias dialog will appear.
  3. Enter the new alias into the dialog and click on the OK button.
  4. The Trusted Certificate entry will be renamed in the KeyStore Entries table.