How to import a CA reply into a keystore key pair entry

To import a CA reply into a keystore key pair entry:

1. Right-click on the key pair keystore entry in the keystore Entries table. Select the Import CA Reply item from the resultant pop-up menu.
2. The Import CA Reply dialog will appear.
3. Select the folder where the CA reply certificate file is stored.
4. Click on the required CA reply certificate file or type the filename into the File Name text box.
5. Click on the Import button.
6. What happens next depends on whether the CA reply certificate file contains a single certificate or a chain or certificates:
   • If the CA reply file contains a single certificate:
     • If Portecle can establish a trust path between the certificate and an existing self-signed Trusted Certificate in your keystore (or the CA certs keystore if it is enabled) then the import will continue. Otherwise it will fail at this point.
   • Alternatively the CA reply file may contain a chain of certificates:
     • Portecle will attempt to match the reply's root CA to an existing trusted certificate in your keystore (or the CA certs keystore if it is enabled).
     • If it cannot then the Certificate Details dialog will appear displaying the details of the reply's root CA certificate for you to verify.
     • After viewing the details acknowledge the dialog by pressing the OK button.
     • A further dialog will appear asking if you wish accept the certificate.
     • Press the Yes button if you wish to trust the certificate and import the CA reply and No if you do not. If you reply No the import will fail at this point.
7. If the current keystore type is not PKCS #12:
   • The Key Pair Entry Password dialog will be displayed.
   • Enter the key entry's password into the dialog and press OK.
8. The keystore key pair entry will be updated to reflect the content of the CA reply.