We want tot migrate from 1024 bit to 20468 bit certificates in sunone webserver 6.1 .
But there is no option in security tab to perform the same in request new certificate .
Found in google that we need to use certutil tool from operating system level .
Can some one provide me the steps to perform the same.
Also can i keep one of the certificates 1024 bit and the other ones 2048 bit ?
read the instructions here on how to use certutil: http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html
Basically, you need to run certutil with the -R option to generate a CSR which you then send to your CA and make sure you specify the same information as your existing certifcate.
eg: certutil -R -s myserver.com -o cert-request-file-myserver.csr -d <dir containing db files> -a -g 2048
Once you receive your certificate, you can use the -A option to import the new one. Renewal does not work in the old version of the web server so you will need to reconfigure your web server to use the new certificate instead of your old one once it is imported.
eg: certutil -A -n myserver -t "p,p,p" -d <dir containing db files> -a -i certificate.pem