Skip to main content

Export a PKIaaS PIV Content Signer certificate

The PIV Content Signer signs the contents of the smart credential. For example, if you have an application and want to verify the contents of the smart credential, you need the PIV Content Signer certificate to verify the signatures on the smart credential contents.

  1. Click > Resources > Certificate Authorities. The Certificate Authorities List page appears.
  2. Click  next to the certificate and select Export PIV Content Signer. The Export PIV Content Signer Certificate dialog box appears.
  3. Do one of the following:
    • Click Certificate to export the PKiAAS certificate.
    • Click Root CA Certificate to export the PIV Content Signer certificate.
    • Click Certificate Chain. The Certificate Chain includes three certificates:
      • the root CA certificate
      • the issuer CA certificate
      • the PIV Content Signer certificate
  4. Click Export.
info

After you create a PIV content signer for your CA, you can still create another one. PIV content signer has a 3 year lifetime, which needs to be replaced when it expires. You can create a new PIV content signer to replace an expired one.