More work on certificates. JM-892

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@6054 b35dd754-fafc-0310-a699-88a17e54d16e

More work on certificates. JM-892
git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@6054 b35dd754-fafc-0310-a699-88a17e54d16e
71980565 · Gaston Dombiak · gato · c0dee766 · 71980565 · 71980565
Commit 71980565 authored Nov 10, 2006 by Gaston Dombiak Committed by gato Nov 10, 2006
15 changed files
--- a/src/i18n/wildfire_i18n_cs_CZ.properties
+++ b/src/i18n/wildfire_i18n_cs_CZ.properties
@@ -59,6 +59,8 @@ tab.server.descr=Klikn\u011bte pro spr\u00e1vu nastaven\u00ed serveru
        sidebar.server-data-settings.descr=Klikn\u011bte pro spr\u00e1vu ukl\u00e1d\u00e1n\u00ed soukrom\u00fdch dat
        sidebar.server-ssl=Nastaven\u00ed zabezpe\u010den\u00ed
        sidebar.server-ssl.descr=Klikn\u011bte pro zobrazen\u00ed nastaven\u00ed zabezpe\u010den\u00ed.
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=Nastaven\u00ed komprese
        sidebar.server-compression.descr=Klikn\u011bte pro zobrazen\u00ed nastaven\u00ed komprese.
        sidebar.transfer-proxy=Nastaven\u00ed p\u0159enosu soubor\u016f
@@ -288,6 +290,7 @@ global.restart=restartovat
 global.server_status=Stav serveru
 global.save_settings=Ulo\u017eit nastaven\u00ed
 global.done=Dokon\u010deno
+global.save=Save
 global.cancel=Zru\u0161it
 global.save_changes=Ulo\u017eit zm\u011bny
 global.save_property=Ulo\u017eit vlastnost
@@ -1491,40 +1494,6 @@ ssl.settings.available=Dostupn\u00e9
 ssl.settings.notavailable=Nedostupn\u00e9
 ssl.settings.required=Vy\u017eadov\u00e1no
 ssl.settings.optional=Voliteln\u00e9
-ssl.settings.uninstalled=Certifik\u00e1t \u00fasp\u011b\u0161n\u011b odinstalov\u00e1n.
-ssl.settings.error=Chyba p\u0159i odinstalaci certifik\u00e1tu.
-ssl.settings.error_messenge=Chybov\u00e1 zpr\u00e1va
-ssl.settings.error_certificate=Chyba p\u0159i instalaci certifik\u00e1tu, pros\u00edm prohl\u00e9dn\u011bte si spodn\u00ed formul\u00e1\u0159.
-ssl.settings.info=SSL/TLS dovoluje vytv\u00e1\u0159et zabezpe\u010den\u00e1 p\u0159ipojen\u00ed mezi serverem a klienty. Tato \
-        strana zobrazuje instalovan\u00e9 certifik\u00e1ty. Pou\u017eijte spodn\u00ed formul\u00e1\u0159 pro instalaci \
-        nov\u00e9ho certifik\u00e1tu.
-ssl.settings.certificate=Instalovan\u00e9 certifik\u00e1ty
-ssl.settings.alias=Alias (hostitel)
-ssl.settings.expiration=Vypr\u0161\u00ed
-ssl.settings.self-signed=Samopodepsan\u00fd
-ssl.settings.publickey=Ve\u0159ejn\u00fd kl\u00ed\u010d
-ssl.settings.publickey.title=klikn\u011bte pro zobrazen\u00ed nebo skryt\u00ed ve\u0159ejn\u00e9ho kl\u00ed\u010de
-ssl.settings.publickey.label=Zobrazit/Skr\u00fdt
-ssl.settings.uninstall=Odinstalovat
-ssl.settings.click_uninstall=Klikn\u011bte pro odinstalaci...
-ssl.settings.confirm_uninstall=Jste si jist\u00fd(\u00e1), \u017ee chcete odinstalovat tento certifik\u00e1t?
-ssl.settings.key=Ve\u0159ejn\u00fd kl\u00ed\u010d:
-ssl.settings.no_installed=Nejsou instalov\u00e1ny \u017e\u00e1dn\u00e9 certifik\u00e1ty. Pou\u017eijte spodn\u00ed formul\u00e1\u0159 pro instalaci jednoho.
-ssl.settings.install_certificate=Instalovat certifik\u00e1t
-ssl.settings.install_certificate_info=Nov\u00e9 X.509 certifik\u00e1ty mohou b\u00fdt p\u0159id\u00e1ny do syst\u00e9mu vlo\u017een\u00edm \
-        certifika\u010dn\u00edch dat, kter\u00e9 v\u00e1m zaslala certifika\u010dn\u00ed autorita (nap\u0159. Verisign) nebo si m\u016f\u017eete \
-        vygenerovat sv\u016fj vlastn\u00ed samopodepsan\u00fd certifik\u00e1t.
-ssl.settings.enter_alias=Pros\u00edm zadejte platn\u00fd alias.
-ssl.settings.enter_certificate=Pros\u00edm vlo\u017ete platn\u00fd certifik\u00e1t.
-ssl.settings.error_installing=Chyba p\u0159i instalaci certifik\u00e1tu.
-ssl.settings.error_reported=Nahl\u00e1\u0161ena chyba
-ssl.settings.type=Typ
-ssl.settings.server=Certifik\u00e1t serveru
-ssl.settings.client=Certifik\u00e1t klienta
-ssl.settings.a_certificate=Certifik\u00e1t
-ssl.settings.paste_certificate=Vlo\u017ete certifik\u00e1t, kter\u00fd V\u00e1m zaslala certifika\u010dn\u00ed autorita nebo samopodepsan\u00fd \
-        certifik\u00e1t vygenerovan\u00fd pomoc\u00ed keytool.
-ssl.settings.add_certificate=P\u0159idat certifik\u00e1t
 ssl.settings.server.legend=Bezpe\u010dnost serverov\u00fdch spojen\u00ed
 ssl.settings.server.label_required=Vy\u017eadov\u00e1na
 ssl.settings.server.label_required_info=Spojen\u00ed mezi servery v\u017edy pou\u017e\u00edvaj\u00ed zabezpe\u010den\u00e1 spojen\u00ed.
@@ -1535,6 +1504,76 @@ ssl.settings.server.label_custom_info=Pokro\u010dil\u00e9 nastaven\u00ed
 ssl.settings.server.dialback=Zp\u011btn\u00e9 vol\u00e1n\u00ed serveru:
 ssl.settings.server.customTLS=Metoda TLS:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=Nastaven\u00ed komprese

--- a/src/i18n/wildfire_i18n_de.properties
+++ b/src/i18n/wildfire_i18n_de.properties
@@ -58,6 +58,8 @@ tab.server.descr=Hier klicken um die Servereinstellungen zu verwalten
        sidebar.server-data-settings.descr=
        sidebar.server-ssl=SSL-Einstellungen
        sidebar.server-ssl.descr=
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=Komprimierungseinstellungen
        sidebar.server-compression.descr=Hier klicken um die Komprimierungseinstellungen zu bearbeiten.
        sidebar.transfer-proxy=File Transfer Settings
@@ -285,6 +287,7 @@ global.restart=Neustart
 global.server_status=Server-Status
 global.save_settings=Einstellungen speichern
 global.done=Done
+global.save=Save
 global.cancel=Abbrechen
 global.save_changes=\u00c4nderungen speichern
 global.save_property=Eigenschaft speichern
@@ -1269,39 +1272,6 @@ ssl.settings.available=Available
 ssl.settings.notavailable=Not Available
 ssl.settings.required=Required
 ssl.settings.optional=Optional
-ssl.settings.uninstalled=Zertifikat erfolgreich deinstalliert.
-ssl.settings.error=Fehler beim Deinstallieren des Zertifikats.
-ssl.settings.error_messenge=Fehlermeldung
-ssl.settings.error_certificate=Fehler beim Installieren des Zertifikats, bitte das Formular unten beachten.
-ssl.settings.info=SSL/TLS erm\u00f6glicht sichere Verbindungen zwischen dem Server und den Clients aufzubauen. \
-        Diese Seite zeigt die installierten Zertifikate an. Die Form unten auf der Seite erm\u00f6glicht die \
-	Installation eines neuen Zertifikats.
-ssl.settings.certificate=Installierte Zertifikate
-ssl.settings.alias=Alias (Host)
-ssl.settings.expiration=Expires
-ssl.settings.self-signed=Eigensigniert
-ssl.settings.publickey=Oeffentlicher Schluessel
-ssl.settings.publickey.title=Hier klicken um den oeffentlichen Schluessel anzuzeigen oder zu verstecken
-ssl.settings.publickey.label=Anzeigen/Verstecken
-ssl.settings.uninstall=Deinstallieren
-ssl.settings.click_uninstall=Hier klicken zum Deinstallieren ...
-ssl.settings.confirm_uninstall=Sicher dass das Zertifikat deinstalliert werden soll?
-ssl.settings.key=\u00d6ffentlicher Schl\u00fcssel:
-ssl.settings.no_installed=Keine Zertifikate installiert. Das Formular unten benutzen um ein Zertifikat zu installieren.
-ssl.settings.install_certificate=Zertifikat installieren
-ssl.settings.install_certificate_info=Neue X.509-Zertifikate k\u00f6nnen zum System hinzugef\u00fcgt werden indem die Daten \
-        des Zertifikats die von einer Zertifikatsstelle (z.B. Verisign) zugeschickt wurden eingef\u00fcgt werden oder \
-	indem ein neues selbst-signiertes Zertifikat erstellt wird.
-ssl.settings.enter_alias=Bitte einen g\u00fcltigen Alias eingeben.
-ssl.settings.enter_certificate=Bitte ein g\u00fcltiges Zertifikat eingeben.
-ssl.settings.error_installing=Fehler beim Installieren des Zertifikats.
-ssl.settings.error_reported=Fehler gemeldet
-ssl.settings.type=Type
-ssl.settings.server=Serverzertifikat
-ssl.settings.client=Clientzertifikat
-ssl.settings.a_certificate=Zertifikat
-ssl.settings.paste_certificate=Das Zertifikat dass von einer CA zugeschickt wurde oder das selbstsignierte Zertifikat einf\u00fcgen.
-ssl.settings.add_certificate=Zertifikat hinzuf\u00fcgen
 ssl.settings.server.legend=Server Verbindungssicherheit
 ssl.settings.server.label_required=Benoetigt
 ssl.settings.server.label_required_info=Verbindungen zwischen Servern sind immer sicher.
@@ -1312,6 +1282,76 @@ ssl.settings.server.label_custom_info=Erweiterte Konfiguration
 ssl.settings.server.dialback=Server Dialback:
 ssl.settings.server.customTLS=TLS Methode:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=Komprimierungseinstellungen

--- a/src/i18n/wildfire_i18n_en.properties
+++ b/src/i18n/wildfire_i18n_en.properties
@@ -174,6 +174,25 @@
 ##      Added key: 'sidebar.profile-settings'
 ##      Added key: 'sidebar.profile-settings.descr'
 ##      Added section: 'profile-settings.*'
+##
+## 3.2.0
+##      Added key: 'sidebar.ssl-certificates'
+##      Added key: 'sidebar.ssl-certificates.descr'
+##      Added key: 'global.save'
+##      Removed key: 'ssl.settings.type'
+##      Removed key: 'ssl.settings.server'
+##      Removed key: 'ssl.settings.server'
+##      Removed key: 'ssl.settings.uninstall'
+##      Removed key: 'ssl.settings.click_uninstall'
+##      Removed key: 'ssl.settings.error_certificate'
+##      Removed key: 'ssl.settings.a_certificate'
+##      Removed key: 'ssl.settings.add_certificate'
+##      Removed key: 'ssl.settings.publickey.label'
+##      Removed key: 'ssl.settings.publickey.title'
+##      Removed key: 'ssl.settings.publickey'
+##      Removed key: 'ssl.settings.enter_alias'
+##      Removed key: 'ssl.settings.enter_certificate'
+##      Removed key: 'ssl.settings.key'

 # Wildfire

@@ -224,6 +243,8 @@ tab.server.descr=Click to manage server settings
        sidebar.server-data-settings.descr=Click to manage private data storage
        sidebar.server-ssl=Security Settings
        sidebar.server-ssl.descr=Click to view security settings.
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=Compression Settings
        sidebar.server-compression.descr=Click to view compression settings.
        sidebar.transfer-proxy=File Transfer Settings
@@ -453,6 +474,7 @@ global.restart=restart
 global.server_status=Server Status
 global.save_settings=Save Settings
 global.done=Done
+global.save=Save
 global.cancel=Cancel
 global.save_changes=Save Changes
 global.save_property=Save Property
@@ -1659,40 +1681,6 @@ ssl.settings.available=Available
 ssl.settings.notavailable=Not Available
 ssl.settings.required=Required
 ssl.settings.optional=Optional
-ssl.settings.uninstalled=Certificate uninstalled successfully.
-ssl.settings.error=Error uninstalling the certificate.
-ssl.settings.error_messenge=Error message
-ssl.settings.error_certificate=Error installing the certificate, please see the form below.
-ssl.settings.info=SSL/TLS allows secure connections to be made between the server and clients. This \
-        page displays installed certificates. Use the form at the bottom of the page to install a \
-        new certificate.
-ssl.settings.certificate=Installed Certificates
-ssl.settings.alias=Host (alias)
-ssl.settings.expiration=Expires
-ssl.settings.self-signed=Self-signed
-ssl.settings.publickey=Public Key
-ssl.settings.publickey.title=Click to show or hide public key
-ssl.settings.publickey.label=Show/Hide
-ssl.settings.uninstall=Uninstall
-ssl.settings.click_uninstall=Click to uninstall...
-ssl.settings.confirm_uninstall=Are you sure you want to uninstall this certificate?
-ssl.settings.key=Public Key:
-ssl.settings.no_installed=No certificates installed. Use the form below to install one.
-ssl.settings.install_certificate=Install Certificate
-ssl.settings.install_certificate_info=New X.509 certificates can be added to the system by pasting \
-        in the certificate data sent to you by a Certificate Authority (e.g. Verisign) or you can \
-        generate your own self-signed certificates.
-ssl.settings.enter_alias=Please enter a valid alias.
-ssl.settings.enter_certificate=Please enter a valid certificate.
-ssl.settings.error_installing=Error installing the certificate.
-ssl.settings.error_reported=Error reported
-ssl.settings.type=Type
-ssl.settings.server=Server Certificate
-ssl.settings.client=Client Certificate
-ssl.settings.a_certificate=Certificate
-ssl.settings.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
-        certificate generated via the keytool.
-ssl.settings.add_certificate=Add Certificate
 ssl.settings.server.legend=Server Connection Security
 ssl.settings.server.label_required=Required
 ssl.settings.server.label_required_info=Connections between servers always use secured connections.
@@ -1703,6 +1691,76 @@ ssl.settings.server.label_custom_info=Advanced configuration
 ssl.settings.server.dialback=Server Dialback:
 ssl.settings.server.customTLS=TLS method:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.  
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate. 
+ssl.certificates.imported=Certificate Authority reply was imported successfully. 
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=Compression Settings

--- a/src/i18n/wildfire_i18n_es.properties
+++ b/src/i18n/wildfire_i18n_es.properties
@@ -55,6 +55,8 @@ tab.server.descr=Presione para administrar la configuraci\u00f3n del servidor
        sidebar.server-data-settings.descr=Presione para administrar la pol\u00edtica de almacenamiento de datos privados
        sidebar.server-ssl=Configuraci\u00f3n de Seguridad
        sidebar.server-ssl.descr=Presione para ver seteos de seguridad.
+        sidebar.ssl-certificates=Certificados del Servidor
+        sidebar.ssl-certificates.descr=Presione para administrar los certificados del servidor.
        sidebar.server-compression=Configuraci\u00f3n de Compresi\u00f3n
        sidebar.server-compression.descr=Presione para ver seteos de compresi\u00f3n.
        sidebar.transfer-proxy=Configuraci\u00f3n de transferencia de archivos
@@ -279,6 +281,7 @@ global.restart=Reiniciar
 global.server_status=Estado del Servidor
 global.save_settings=Guardar Configuraci\u00f3n
 global.done=Hecho
+global.save=Guardar
 global.cancel=Cancelar
 global.save_changes=Guardar los Cambios
 global.save_property=Guardar Propiedad
@@ -1382,35 +1385,6 @@ ssl.settings.available=Disponible
 ssl.settings.notavailable=No Disponible
 ssl.settings.required=Requerido
 ssl.settings.optional=Opcional
-ssl.settings.uninstalled=Certificado desinstalado con \u00e9xito.
-ssl.settings.error=Error al desinstalar el certificado.
-ssl.settings.error_messenge=Mensaje de Error
-ssl.settings.error_certificate=Error al instalar el certificado, por favor vea el formulario siguiente.
-ssl.settings.info=SSL/TLS permite que se realizen conexiones seguras entre el servidor y los clientes. Esta p\u00e1gina muestra los certificados instalados. Use el formulario al final de la p\u00e1gina para instalar un certificado nuevo.
-ssl.settings.certificate=Certificados Instalados
-ssl.settings.alias=Host (alias)
-ssl.settings.expiration=Expira
-ssl.settings.self-signed=Auto-firmado
-ssl.settings.publickey=Clave P\u00fablica
-ssl.settings.publickey.title=Presione para ver u ocultar clave p\u00fablica
-ssl.settings.publickey.label=Ver/Ocultar
-ssl.settings.uninstall=Desinstalar
-ssl.settings.click_uninstall=Presione para desinstalar...
-ssl.settings.confirm_uninstall=\u00bfEst\u00e1 seguro de que quiere desinstalar este certificado?
-ssl.settings.key=Clave P\u00fablica:
-ssl.settings.no_installed=No hay certificados instalados. Use el formulario siguiente para instalar uno.
-ssl.settings.install_certificate=Instalar Certificado
-ssl.settings.install_certificate_info=Se pueden agregar nuevos certificados X.509 al sistema pegando los datos del certificado que le fueron enviados por una Autoridad Certificadora (p.e. Verisign) o puede generar sus propios certificados auto-firmados.
-ssl.settings.enter_alias=Por favor ingrese un alias v\u00e1lido.
-ssl.settings.enter_certificate=Por favor ingrese un certificado v\u00e1lido.
-ssl.settings.error_installing=Error al instalar el certificado.
-ssl.settings.error_reported=Error reportado
-ssl.settings.type=Tipo
-ssl.settings.server=Certificado del Servidor
-ssl.settings.client=Certificado del Cliente
-ssl.settings.a_certificate=Certificado
-ssl.settings.paste_certificate=Pegue el certificado que le envi\u00f3 la AC o el certificado auto-firmado generado mediante keytool.
-ssl.settings.add_certificate=Agregar Certificado
 ssl.settings.server.legend=Configuraci\u00f3n de seguridad de Servidores
 ssl.settings.server.label_required=Requerido
 ssl.settings.server.label_required_info=Conexiones entre servidores solamente siempre utilizan conexiones seguras.
@@ -1421,6 +1395,78 @@ ssl.settings.server.label_custom_info=Configuraci\u00f3n avanzada
 ssl.settings.server.dialback=M\u00e9todo Dialback:
 ssl.settings.server.customTLS=M\u00e9todo TLS:

+
+# Server Certificates
+
+ssl.certificates.title=Certificados del Servidor
+ssl.certificates.info=SSL/TLS permite que se realicen conexiones seguras entre el servidor y los clientes. Esta \
+  p\u00e1gina muestra los certificados instalados. Los certificados deben estar fimados por una Autoridad Certificadora \
+  para ser aceptados por clientes y otros servidores. Certificados auto-firmados pueden ser usados pero algunos clientes \
+  o servidores pueden no aceptarlos.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expira
+ssl.certificates.status=Estatus
+ssl.certificates.self-signed=Auto-firmado
+ssl.certificates.self-signed.info=Certificados auto-firmados deben ser firmados por una Autoridad Certificadora para ser\
+  confiados por clientes y otros servidores.
+ssl.certificates.signing-pending=Verificaci\u00f3n Pendiente
+ssl.certificates.signing-pending.info=El certificado no esta firmado por una Autoridad Certificadora. Un pedido de firma \
+  debe ser enviado a la Autoridad Certificadora para ser firmado por la AC. La AC debe devolver un nuevo certificado \
+  una vez aprobado y firmado. El certificado retornado debe ser importado en Wildfire.
+ssl.certificates.ca-signed=Firmado por AC
+ssl.certificates.ca-signed.info=El certificado ha sido firmado por una Autoridad Certificadora. Clientes y servidores deben \
+  poder aceptar el certificado a menos que no confien en la Autoridad Certificadora que firm\u00f3 el certificado.
+ssl.certificates.algorithm=Algoritmo
+ssl.certificates.confirm_delete=\u00bfEst\u00e1 seguro de que quiere borrar este certificado?
+ssl.certificates.added_updated=Certificado agregado o modificado exitosamente.
+ssl.certificates.deleted=Certificado borrado exitosamente.
+ssl.certificates.error=Error borrando el certificado.
+ssl.certificates.error_messenge=Mensaje de Error
+ssl.certificates.error_importing-reply=Un error ha occurido mientras se estaba importando la respuesta de la \
+  Autoridad Certificadora. Verifique que la respuesta sea correcta y que pertenece al certificado.
+ssl.certificates.imported=Respuesta de la Autoridad Certificadora ha sido importada exitosamente.
+ssl.certificates.ca-reply=Respuesta de la Autoridad Certificadora:
+ssl.certificates.no_installed=Uno o m\u00e1s certificados no se han instalado. Haga clic {0}aqu\u00ed{1} para generar \
+  certificados auto-firmados.
+ssl.certificates.issuer-updated=Informaci\u00f3n de la entidad emisora actualizada exitosamente.
+
+ssl.certificates.error_installing=Error al instalar el certificado.
+ssl.certificates.error_reported=Error reportado
+ssl.certificates.paste_certificate=Pegue el certificado que le envi\u00f3 la AC o el certificado auto-firmado generado \
+  mediante keytool.
+
+ssl.signing-request.title=Pedido de Firma
+ssl.signing-request.issuer_information=Informaci\u00f3n de la Entidad Emisora
+ssl.signing-request.issuer_information_info=Complete la siguiente informaci\u00f3n de la entidad emisora. Esta \
+  informaci\u00f3n ser\u00e1 guardada en los certificados pendientes de ser enviados a la Autoridad Certificadora. La \
+  Autoridad Certificadora validar\u00e1 la informaci\u00f3n para poder firmar los certificados.
+ssl.signing-request.offer-issuer-information=Previo a solicitar a una Autoridad Certificadora que firme un certificado se \
+  sugiere actualizar la informaci\u00f3n del emisor del certificado. Haga clic {0}aqu\u00ed{1} para actualizar la informaci\u00f3n.
+ssl.signing-request.ca_reply_info=La respuesta del certificado puede ser incorporada al sistema pegando \
+        los datos del certificado que la Autoridad Certificadora (e.g. Verisign) le ha enviado.
+ssl.signing-request.name=Nombre
+ssl.signing-request.organizational_unit=Unidad Organizacional
+ssl.signing-request.organization=Organizaci\u00f3n
+ssl.signing-request.city=Ciudad
+ssl.signing-request.state=Estado
+ssl.signing-request.country=C\u00f3digo de Pa\u00eds
+ssl.signing-request.enter_name=Por favor ingrese un nombre v\u00e1lido.
+ssl.signing-request.enter_ou=Por favor ingrese una unidad organizacional v\u00e1lida.
+ssl.signing-request.enter_o=Por favor ingrese una organizaci\u00f3n v\u00e1lida.
+ssl.signing-request.enter_city=Por favor ingrese una ciudad v\u00e1lida.
+ssl.signing-request.enter_state=Por favor ingrese un estado v\u00e1lido.
+ssl.signing-request.enter_country=Por favor ingrese un c\u00f3digo de pa\u00eds v\u00e1lido.
+ssl.signing-request.save=Actualizar informaci\u00f3n
+ssl.signing-request.requests=Pedidos de Firma Generados
+ssl.signing-request.requests_info=A continuaci\u00f3n se listan los pedidos de firma generados para los certificados que \
+  estan en estado 'Verificaci\u00f3n Pendiente'. El proceso exacto para enviar un pedido de firma a una Autoridad \
+  Certificadora puede variar. En general consiste en copiar el pedido de firma generado y pegarlo al generar \
+  nuevos certificados en el sitio de la Autoridad Certificadora. Las Autoridades Certificadoras le pedir\u00e1n que se \
+  registre en su sitio, proveer informaci\u00f3n sobre su compa\u00f1\u00eda y verificar su dominio antes de generar \
+  nuevos certificados.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Pedido de Firma
+
 # Compression settings Page

 compression.settings.title=Configuraci\u00f3n de compresi\u00f3n

--- a/src/i18n/wildfire_i18n_fr.properties
+++ b/src/i18n/wildfire_i18n_fr.properties
@@ -42,6 +42,8 @@ sidebar.server-data-settings = Stockage de donn\u00E9es priv\u00E9es
 sidebar.server-data-settings.descr = Cliquer pour g\u00E9rer le stockage des donn\u00E9es priv\u00E9es
 sidebar.server-ssl = Param\u00E8tres de S\u00E9curit\u00E9
 sidebar.server-ssl.descr = Cliquer pour voir les Param\u00E8tres de S\u00E9curit\u00E9.
+sidebar.ssl-certificates=Server Certificates
+sidebar.ssl-certificates.descr=Click to manage server certificates.
 sidebar.server-compression = Param\u00E8tres de Compression
 sidebar.server-compression.descr = Cliquer pour voir les Param\u00E8tres de compression.
 sidebar.transfer-proxy = Param\u00E8tres de Transfert de fichiers
@@ -256,6 +258,7 @@ global.restart = red\u00E9marrer
 global.server_status = Statut du Serveur
 global.save_settings = Sauvegarder les Param\u00E8tres
 global.done = Fait
+global.save=Save
 global.cancel = Annuler
 global.save_changes = Sauvegarder les Modifications
 global.save_property = Sauvegarder la Propri\u00E9t\u00E9
@@ -1181,35 +1184,6 @@ ssl.settings.available = Disponible
 ssl.settings.notavailable = Non Disponible
 ssl.settings.required = Requis
 ssl.settings.optional = Optionnel
-ssl.settings.uninstalled = Certificat d\u00E9sinstall\u00E9 avec succ\u00E8s.
-ssl.settings.error = Erreur lors de la d\u00E9sinstallation du certificat.
-ssl.settings.error_messenge = Message d'Erreur
-ssl.settings.error_certificate = Erreur lors de l'installation du certificat, veuillez regarder le formulaire ci-dessous.
-ssl.settings.info = SSL/TLS permet de s\u00E9curiser les connexions entre le serveur et les clients. Cette page affiche les certificats install\u00E9s. Utilisez le formulaire en bas de la page pour installer un nouveau certificat.
-ssl.settings.certificate = Certificats Install\u00E9s
-ssl.settings.alias = H\u00F4te (alias)
-ssl.settings.expiration = Expires
-ssl.settings.self-signed = Autosign\u00E9
-ssl.settings.publickey = Cl\u00E9 Publique
-ssl.settings.publickey.title = Cliquer pour afficher ou cacher la cl\u00E9 publique
-ssl.settings.publickey.label = Afficher/Cacher
-ssl.settings.uninstall = D\u00E9sinstaller
-ssl.settings.click_uninstall = Cliquer pour d\u00E9sintaller...
-ssl.settings.confirm_uninstall = Etes-vous s\u00FBr de vouloir d\u00E9sinstaller ce certificat ?
-ssl.settings.key = Cl\u00E9 Publique \:
-ssl.settings.no_installed = Pas de certificat install\u00E9. Utilisez le formulaire ci-dessous pour en installer un.
-ssl.settings.install_certificate = Installer un certificat
-ssl.settings.install_certificate_info = Les nouveaux certificats X.509 peuvent \u00EAtre ajout\u00E9 au syst\u00E8me en collant les donn\u00E9es du certificat envoy\u00E9 par l'Autorit\u00E9 de Certification (ex \: Verisign) ou vous pouvez g\u00E9n\u00E9rer vous-m\u00EAme vos propres certificats.
-ssl.settings.enter_alias = Veuillez saisir un alias valide.
-ssl.settings.enter_certificate = Veuillez saisir un certificat valide.
-ssl.settings.error_installing = Erreur lors de l'installation du certificat.
-ssl.settings.error_reported = Erreur report\u00E9e
-ssl.settings.type = Type
-ssl.settings.server = Certificat Serveur
-ssl.settings.client = Certificat Client
-ssl.settings.a_certificate = Certificat
-ssl.settings.paste_certificate = Coller ici le certificat qui vous \u00E9t\u00E9 envoy\u00E9 par l'AC ou celui que vous avez g\u00E9n\u00E9r\u00E9 vous-m\u00EAme via le g\u00E9n\u00E9rateur de cl\u00E9.
-ssl.settings.add_certificate = Ajouter un Certificat
 ssl.settings.server.legend = S\u00E9curit\u00E9 des connexions au serveur
 ssl.settings.server.label_required = Requise
 ssl.settings.server.label_required_info = Les connexions entre les serveurs sont toujours s\u00E9curis\u00E9es.
@@ -1219,6 +1193,76 @@ ssl.settings.server.label_custom = Personnalis\u00E9e
 ssl.settings.server.label_custom_info = Configuration avanc\u00E9e
 ssl.settings.server.dialback = Rappel du Serveur \:
 ssl.settings.server.customTLS = M\u00E9thode TLS \:
+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page
 compression.settings.title = Param\u00E8tres de Compression
 compression.settings.update = Param\u00E8tres mis \u00E0 jour avec succ\u00E8s.

--- a/src/i18n/wildfire_i18n_nl.properties
+++ b/src/i18n/wildfire_i18n_nl.properties
@@ -56,6 +56,8 @@ tab.server.descr=Klik hier om de serverinstellingen te beheren
        sidebar.server-data-settings.descr=
        sidebar.server-ssl=SSL instellingen
        sidebar.server-ssl.descr=
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=Compression Settings
        sidebar.server-compression.descr=Click to view compression settings.
        sidebar.transfer-proxy=File Transfer Settings
@@ -284,6 +286,7 @@ global.restart=opnieuw starten
 global.server_status=Server status
 global.save_settings=Instellingen opslaan
 global.done=Voltooid
+global.save=Save
 global.cancel=Annuleren
 global.save_changes=Wijzigen opslaan
 global.save_property=Eigenschap opslaan
@@ -1270,40 +1273,6 @@ ssl.settings.available=Available
 ssl.settings.notavailable=Not Available
 ssl.settings.required=Required
 ssl.settings.optional=Optional
-ssl.settings.uninstalled=Het certificaat is succesvol verwijdert.
-ssl.settings.error=Fout bij het verwijderen van het certificaat.
-ssl.settings.error_messenge=Foutmelding
-ssl.settings.error_certificate=Fout bij het installeren van het certificaat, controleer het onderstaande formulier.
-ssl.settings.info=SSL/TLS laat toe om verbindingen tussen de server en clienten te beveiligen. \
-        Deze pagina geeft de genstalleerde certificaten weer. Gebruik het formulier onderaan om \
-        een nieuw certificaat te installeren.
-ssl.settings.certificate=Genstalleerde certificaten
-ssl.settings.alias=Alias (computernaam)
-ssl.settings.expiration=Expires
-ssl.settings.self-signed=Self-signed
-ssl.settings.publickey=Public Key
-ssl.settings.publickey.title=Click to show or hide public key
-ssl.settings.publickey.label=Show/Hide
-ssl.settings.uninstall=Verwijderen
-ssl.settings.click_uninstall=Klik hier om te verwijderen...
-ssl.settings.confirm_uninstall=Wilt u dit certificaat verwijderen?
-ssl.settings.key=Publieke sleutel:
-ssl.settings.no_installed=Er zijn geen genstalleerde certificaten. Gebruik het onderstaande formulier om een certificaat te installeren.
-ssl.settings.install_certificate=Certificaat installeren
-ssl.settings.install_certificate_info=Nieuwe X.509 certificaten kunnen worden toegevoegd aan het systeem door de certificaatgegevens \
-        te plakken die u van een Certificate Authority (bvb. Verisign) hebt ontvangen of u kan een certificaat gebruiken dat door \
-        uzelf ondertekend is.
-ssl.settings.enter_alias=Geef een geldige alias in.
-ssl.settings.enter_certificate=Geef een geldig certificaat in.
-ssl.settings.error_installing=Fout bij het installeren van het certificaat.
-ssl.settings.error_reported=Fout gemeld
-ssl.settings.type=Type
-ssl.settings.server=Server certificaat
-ssl.settings.client=Client certificaat
-ssl.settings.a_certificate=Certificaat
-ssl.settings.paste_certificate=Plak het certificaat dat u hebt ontvangen van een Certificate Authority of dat u zelf hebt ondertekend \
-        en aangemaakt via de keytool.
-ssl.settings.add_certificate=Certificaat toevoegen
 ssl.settings.server.legend=Server Connection Security
 ssl.settings.server.label_required=Required
 ssl.settings.server.label_required_info=Connections between servers always use secured connections.
@@ -1314,6 +1283,76 @@ ssl.settings.server.label_custom_info=Advanced configuration
 ssl.settings.server.dialback=Server Dialback:
 ssl.settings.server.customTLS=TLS method:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=Compression Settings

--- a/src/i18n/wildfire_i18n_pl_PL.properties
+++ b/src/i18n/wildfire_i18n_pl_PL.properties
@@ -60,6 +60,8 @@ tab.server.descr=Zarz\u0105dzanie ustawieniami serwera
        sidebar.server-data-settings.descr=Kliknij aby zarz\u0105dza\u0107 przechowywaniem danych prywatnych na serwerze
        sidebar.server-ssl=Bezpiecze\u0144stwo
        sidebar.server-ssl.descr=Kliknij aby zmieni\u0107 ustawienia dotycz\u0105ce bezpiecze\u0144stwa
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=Ustawienia kompresji
        sidebar.server-compression.descr=Kliknij aby edytowa\u0107 ustawienia kompresji przesy\u0142anych danych
        sidebar.transfer-proxy=Ustawienia transferu plik\u00f3w
@@ -287,6 +289,7 @@ global.restart=Restart
 global.server_status=Status serwera
 global.save_settings=Zapisz ustawienia
 global.done=Zrobione
+global.save=Save
 global.cancel=Anuluj
 global.save_changes=Zapisz zmiany
 global.save_property=Zapisz w\u0142asno\u015b\u0107
@@ -1250,39 +1253,6 @@ ssl.settings.available=Dostepny
 ssl.settings.notavailable=Nie dost\u0119pny
 ssl.settings.required=Wymagane
 ssl.settings.optional=Opcjonalne
-ssl.settings.uninstalled=Zainstalowano certyfikat.
-ssl.settings.error=B\u0142\u0105d podczas usuwania certyfikatu.
-ssl.settings.error_messenge=B\u0142\u0105d
-ssl.settings.error_certificate=B\u0142\u0105d podczas instalacji certyfikatu, wi\u0119cej informacji poni\u017cej.
-ssl.settings.info=SSL/TLS pozwala zabiezpieczy\u0107 transmisj\u0119 pomi\u0119dzy serwerami i klientami. Strona \
-        ta zawiera informacje o zainstalowanych certyfikatach. Przy pomocy formularza na dole strony mo\u017cliwa jest \
-        instalacja nowego certyfikatu.
-ssl.settings.certificate=Zainstalowane certyfikaty
-ssl.settings.alias=Nazwa hosta (alias)
-ssl.settings.expiration=Wygasa
-ssl.settings.self-signed=Self-signed
-ssl.settings.publickey=Klucz publiczny
-ssl.settings.publickey.title=Kliknij aby pokaza\u0107 lub ukry\u0107 klucz publiczny
-ssl.settings.publickey.label=Poka\u017c/ukryj
-ssl.settings.uninstall=Usu\u0144
-ssl.settings.click_uninstall=Kliknij aby usun\u0105\u0107...
-ssl.settings.confirm_uninstall=Czy jeste\u015b pewien, \u017ce chcesz usun\u0105\u0107 certyfikat?
-ssl.settings.key=Klucz publiczny:
-ssl.settings.no_installed=Brak certyfikat\u00f3w. Zainstaluj korzystaj\u0105c z poni\u017cszego formularza.
-ssl.settings.install_certificate=Instaluj certyfikat
-ssl.settings.install_certificate_info=Nowy certyfikat X.509 mo\u017ce zosta\u0107 dodany do systemu poprzez wklejenie danych \
-        uzyskanych od instytucji certyfikuj\u0105cej (np. Verisign) lub \
-        mo\u017cesz wygenerowa\u0107 w\u0142asny certyfikat.
-ssl.settings.enter_alias=Podaj prawid\u0142owy alias.
-ssl.settings.enter_certificate=Podaj poprawny certyfikat.
-ssl.settings.error_installing=B\u0142\u0105d podczas instalacji certyfikatu.
-ssl.settings.error_reported=Zg\u0142oszono b\u0142\u0105d
-ssl.settings.type=Typ
-ssl.settings.server=Certyfikat serwera
-ssl.settings.client=Certyfikat klienta
-ssl.settings.a_certificate=Certyfikat
-ssl.settings.paste_certificate=Wklej certyfikat otrzymany od CA lub wygenerowany.
-ssl.settings.add_certificate=Dodaj certyfikat
 ssl.settings.server.legend=Bezpieczne po\u0142\u0105czenie pomi\u0119dzy serwerami
 ssl.settings.server.label_required=Wymagane
 ssl.settings.server.label_required_info=Po\u0142\u0105czenia pomi\u0119dzy serwerami zawsze u\u017cywaj\u0105 po\u0142\u0105cze\u0144 szyfrowanych.
@@ -1293,6 +1263,76 @@ ssl.settings.server.label_custom_info=Ustawienia zaawansowane
 ssl.settings.server.dialback=Dialback serwera:
 ssl.settings.server.customTLS=Metoda TLS:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=Ustawienia kompresji

--- a/src/i18n/wildfire_i18n_pt_BR.properties
+++ b/src/i18n/wildfire_i18n_pt_BR.properties
@@ -56,6 +56,8 @@ tab.server.descr=Clique para gerenciar as configura\u00e7\u00f5es do servidor
        sidebar.server-data-settings.descr=Clique para gerenciar o armazenamento de dados privados
        sidebar.server-ssl=Configura\u00e7\u00f5es do SSL
        sidebar.server-ssl.descr=Clique para visualizar as configura\u00e7\u00f5es de SSL
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=Configura\u00e7\u00f5es de Compress\u00e3o
        sidebar.server-compression.descr=Clique para vizualizar as configura\u00e7\u00f5es de compress\u00e3o.
        sidebar.transfer-proxy=Configura\u00e7\u00f5es de Transfer\u00eancia de Arquivos
@@ -284,6 +286,7 @@ global.restart=reiniciar
 global.server_status=Status do Servidor
 global.save_settings=Salvar Configura\u00e7\u00f5es
 global.done=Conclu\u00eddo
+global.save=Salvar
 global.cancel=Cancelar
 global.save_changes=Salvar Mudan\u00e7as
 global.save_property=Salvar Propriedade
@@ -1267,40 +1270,6 @@ ssl.settings.available=Dispon\u00edvel
 ssl.settings.notavailable=Indispon\u00edvel
 ssl.settings.required=Requerido
 ssl.settings.optional=Opcional
-ssl.settings.uninstalled=Certificado desinstalado com \u00eaxito.
-ssl.settings.error=Erro desinstalando o certificado.
-ssl.settings.error_messenge=Mensagem de Erro
-ssl.settings.error_certificate=Erro instalando o certificado. Por favor veja o formul\u00e1rio abaixo.
-ssl.settings.info=SSL/TLS permite que sejam estabelecidas conex\u00f5es seguras entre o servidor e os clientes. Esta \
-        p\u00e1gina mostra os certificados instalados. Utilize o formul\u00e1rio no fim da p\u00e1gina para instalar um \
-        novo certificado.
-ssl.settings.certificate=Certificados Instalados
-ssl.settings.alias=Apelido (host)
-ssl.settings.expiration=Expira
-ssl.settings.self-signed=Auto-assinado
-ssl.settings.publickey=Chave P\u00fablica
-ssl.settings.publickey.title=Clique para mostrar ou ocultar a chave p\u00fablica
-ssl.settings.publickey.label=Mostrar/Ocultar
-ssl.settings.uninstall=Desinstalar
-ssl.settings.click_uninstall=Clique para desinstalar...
-ssl.settings.confirm_uninstall=Voc\u00ea tem certeza que quer desinstalar este certificado?
-ssl.settings.key=Chave P\u00fablica:
-ssl.settings.no_installed=Nenhum certificado instalado. Utilize o formul\u00e1rio abaixo para instalar um.
-ssl.settings.install_certificate=Instalar Certificado
-ssl.settings.install_certificate_info=Novos certificados X.509 podem ser adicionados ao sistema colando no certificado \
-        os dados enviados pela Autoridade Certificadora (como Verisign) ou voc\u00ea pode \
-        gerar o seu pr\u00f3prio certificado assinado por voc\u00ea mesmo.
-ssl.settings.enter_alias=Por favor digite um apelido v\u00e1lido.
-ssl.settings.enter_certificate=Por favor digite um certificado v\u00e1lido.
-ssl.settings.error_installing=Erro instalando o certificado.
-ssl.settings.error_reported=Erro reportado
-ssl.settings.type=Tipo
-ssl.settings.server=Certificado do Servidor
-ssl.settings.client=Certificado do Cliente
-ssl.settings.a_certificate=Certificado
-ssl.settings.paste_certificate=Cole no certificado enviado para voc\u00ea pela Entidade Certificadora ou o certificado \
-        auto-assinado gerado pela ferramenta de chaves.
-ssl.settings.add_certificate=Adicionar Certificado
 ssl.settings.server.legend=Seguran\u00e7a da Conex\u00e3o do Servidor
 ssl.settings.server.label_required=Requerido
 ssl.settings.server.label_required_info=Conex\u00f5es entre servidores sempre utilizam conex\u00f5es seguras.
@@ -1311,6 +1280,76 @@ ssl.settings.server.label_custom_info=Configura\u00e7\u00e3o avan\u00e7ada
 ssl.settings.server.dialback=Discagem de retorno do Servidor:
 ssl.settings.server.customTLS=M\u00e9todo TLS:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=Configura\u00e7\u00f5es de Compress\u00e3o

--- a/src/i18n/wildfire_i18n_zh_CN.properties
+++ b/src/i18n/wildfire_i18n_zh_CN.properties
@@ -59,6 +59,8 @@ tab.server.descr=\u5355\u51fb\u53ef\u7ba1\u7406\u670d\u52a1\u5668\u8bbe\u7f6e
        sidebar.server-data-settings.descr=\u70b9\u51fb\u7ba1\u7406\u79c1\u6709\u6570\u636e\u5b58\u50a8
        sidebar.server-ssl=\u5b89\u5168\u8bbe\u7f6e
        sidebar.server-ssl.descr=\u70b9\u51fb\u6d4f\u89c8SSL\u8bbe\u7f6e
+        sidebar.ssl-certificates=Server Certificates
+        sidebar.ssl-certificates.descr=Click to manage server certificates.
        sidebar.server-compression=\u538b\u7f29\u8bbe\u7f6e
        sidebar.server-compression.descr=\u5355\u51fb\u67e5\u770b\u538b\u7f29\u8bbe\u7f6e
        sidebar.transfer-proxy=\u6587\u4ef6\u4f20\u8f93\u8bbe\u7f6e
@@ -283,6 +285,7 @@ global.restart=\u91cd\u65b0\u542f\u52a8
 global.server_status=\u670d\u52a1\u5668\u72b6\u6001
 global.save_settings=\u4fdd\u5b58\u8bbe\u7f6e
 global.done=\u5b8c\u6210
+global.save=Save
 global.cancel=\u53d6\u6d88
 global.save_changes=\u4fdd\u5b58\u66f4\u6539
 global.save_property=\u4fdd\u5b58\u5c5e\u6027
@@ -1337,35 +1340,6 @@ ssl.settings.available=\u6709\u6548
 ssl.settings.notavailable=\u65e0\u6548
 ssl.settings.required=\u5fc5\u9700
 ssl.settings.optional=\u53ef\u9009\u62e9
-ssl.settings.uninstalled=\u5df2\u6210\u529f\u5378\u8f7d\u8bc1\u4e66\u3002
-ssl.settings.error=\u5378\u8f7d\u8bc1\u4e66\u65f6\u51fa\u9519\u3002
-ssl.settings.error_messenge=\u9519\u8bef\u6d88\u606f
-ssl.settings.error_certificate=\u5b89\u88c5\u8bc1\u4e66\u65f6\u51fa\u9519\uff0c\u8bf7\u53c2\u9605\u4e0b\u9762\u7684\u8868\u5355\u3002
-ssl.settings.info=SSL\uff0fTLS \u5141\u8bb8\u5728\u670d\u52a1\u5668\u548c\u5ba2\u6237\u673a\u4e4b\u95f4\u5efa\u7acb\u5b89\u5168\u8fde\u63a5\u3002\u672c\u9875\u9762\u663e\u793a\u5df2\u5b89\u88c5\u7684\u8bc1\u4e66\u3002\u8bf7\u4f7f\u7528\u9875\u9762\u5e95\u90e8\u7684\u8868\u5355\u5b89\u88c5\u65b0\u8bc1\u4e66\u3002
-ssl.settings.certificate=\u5df2\u5b89\u88c5\u7684\u8bc1\u4e66
-ssl.settings.alias=\u4e3b\u673a(\u522b\u540d)
-ssl.settings.expiration=\u8fc7\u671f
-ssl.settings.self-signed=\u81ea\u5b9a\u4e49\u7b7e\u540d
-ssl.settings.publickey=\u516c\u5f00\u5bc6\u94a5
-ssl.settings.publickey.title=\u70b9\u51fb\u663e\u793a\u6216\u9690\u85cf\u516c\u5f00\u5bc6\u94a5
-ssl.settings.publickey.label=\u663e\u793a/\u9690\u85cf
-ssl.settings.uninstall=\u5378\u8f7d
-ssl.settings.click_uninstall=\u5355\u51fb\u53ef\u5378\u8f7d...
-ssl.settings.confirm_uninstall=\u786e\u5b9e\u8981\u5378\u8f7d\u6b64\u8bc1\u4e66\u5417\uff1f
-ssl.settings.key=\u516c\u7528\u5bc6\u94a5\uff1a
-ssl.settings.no_installed=\u672a\u5b89\u88c5\u8bc1\u4e66\u3002\u8bf7\u4f7f\u7528\u4e0b\u9762\u7684\u8868\u5355\u5b89\u88c5\u4e00\u4e2a\u8bc1\u4e66\u3002
-ssl.settings.install_certificate=\u5b89\u88c5\u8bc1\u4e66
-ssl.settings.install_certificate_info=\u53ef\u4ee5\u901a\u8fc7\u5c06\u8ba4\u8bc1\u4e2d\u5fc3\uff08\u4f8b\u5982\uff0cVerisign\uff09\u53d1\u9001\u7ed9\u60a8\u7684\u8bc1\u4e66\u6570\u636e\u7c98\u8d34\u5230\u7cfb\u7edf\u6765\u6dfb\u52a0\u65b0\u7684 X.509 \u8bc1\u4e66\uff0c\u6216\u60a8\u53ef\u4ee5\u751f\u6210\u60a8\u81ea\u5df1\u7684\u81ea\u7b7e\u7f72\u8bc1\u4e66\u3002
-ssl.settings.enter_alias=\u8bf7\u8f93\u5165\u6709\u6548\u522b\u540d\u3002
-ssl.settings.enter_certificate=\u8bf7\u8f93\u5165\u6709\u6548\u8bc1\u4e66\u3002
-ssl.settings.error_installing=\u5b89\u88c5\u8bc1\u4e66\u65f6\u51fa\u9519\u3002
-ssl.settings.error_reported=\u5df2\u62a5\u544a\u9519\u8bef
-ssl.settings.type=\u7c7b\u578b
-ssl.settings.server=\u670d\u52a1\u5668\u8bc1\u4e66
-ssl.settings.client=\u5ba2\u6237\u673a\u8bc1\u4e66
-ssl.settings.a_certificate=\u8bc1\u4e66
-ssl.settings.paste_certificate=\u7c98\u8d34 CA \u53d1\u9001\u7ed9\u60a8\u7684\u8bc1\u4e66\u6216\u7531 keytool \u751f\u6210\u7684\u81ea\u7b7e\u7f72\u8bc1\u4e66\u3002
-ssl.settings.add_certificate=\u6dfb\u52a0\u8bc1\u4e66
 ssl.settings.server.legend=\u670d\u52a1\u5668\u8054\u63a5\u5b89\u5168
 ssl.settings.server.label_required=\u5fc5\u5907\u9879
 ssl.settings.server.label_required_info=\u670d\u52a1\u5668\u4e4b\u95f4\u5df2\u7ecf\u4f7f\u7528\u5b89\u5168\u8054\u63a5\u3002
@@ -1376,6 +1350,76 @@ ssl.settings.server.label_custom_info=\u9ad8\u7ea7\u8bbe\u7f6e
 ssl.settings.server.dialback=\u670d\u52a1\u5668\u56de\u53eb:
 ssl.settings.server.customTLS=TLS\u65b9\u6848:

+# Server Certificates
+
+ssl.certificates.title=Server Certificates
+ssl.certificates.info=SSL/TLS allows secure connections to be made between the server and clients. This \
+  page displays installed certificates. Certificates should be signed by a Certificate Authority to be \
+  accepted by clients or other servers. Self-signed certificates can still be used although some clients \
+  or servers may not accept them.
+ssl.certificates.alias=Host (alias)
+ssl.certificates.expiration=Expires
+ssl.certificates.status=Status
+ssl.certificates.self-signed=Self signed
+ssl.certificates.self-signed.info=Self-signed certificates should be signed by a Certificate Authority to be trusted \
+  and accepted by clients and other servers.
+ssl.certificates.signing-pending=Pending Verification
+ssl.certificates.signing-pending.info=The certificate is not yet signed by a Certificate Authority. A signing request \
+  should be sent to the Certificate Authority so that it can be signed by the CA. The CA will return a new certificate \
+  once it has been approved and signed. The returned certificate will need to be imported into Wildfire.
+ssl.certificates.ca-signed=CA Signed
+ssl.certificates.ca-signed.info=The certificate has been signed by a Certificate Authority. Clients and servers should \
+  accept the certificate unless they not trust on the Certificate Authority that signed the certificate.
+ssl.certificates.algorithm=Algorithm
+ssl.certificates.confirm_delete=Are you sure you want to delete this certificate?
+ssl.certificates.added_updated=Certificate added or modified successfully.
+ssl.certificates.deleted=Certificate deleted successfully.
+ssl.certificates.error=Error deleting the certificate.
+ssl.certificates.error_messenge=Error message
+ssl.certificates.error_importing-reply=An error occured while importing the Certificate Authority reply. Verify that \
+  the reply is correct and that it belongs to the correct certificate.
+ssl.certificates.imported=Certificate Authority reply was imported successfully.
+ssl.certificates.ca-reply=Certificate Authority Reply:
+ssl.certificates.no_installed=One or more certificates are not installed. Click {0}here{1} to generate self-signed \
+  certificates.
+ssl.certificates.issuer-updated=Issuer information updated successfully.
+
+ssl.certificates.error_installing=Error installing the certificate.
+ssl.certificates.error_reported=Error reported
+ssl.certificates.paste_certificate=Paste in the certificate sent to you by the CA or the self-signed \
+        certificate generated via the keytool.
+
+ssl.signing-request.title=Signing request
+ssl.signing-request.issuer_information=Issuer Information
+ssl.signing-request.issuer_information_info=Complete the following information of the certificate issuer. This \
+  information will be stored in the certificates pending to be sent to the Certificate Authority. The \
+  Certificate Authority will validate the information in order to sign the certificates.
+ssl.signing-request.offer-issuer-information=Before requesting a Certificate Authority to sign a certificate it \
+  is suggested to update the issuer information of certificates. Click {0}here{1} to update the issuer information.
+ssl.signing-request.ca_reply_info=Certificate reply can be added to the system by pasting \
+        in the certificate data sent to you by a Certificate Authority (e.g. Verisign).
+ssl.signing-request.name=Name
+ssl.signing-request.organizational_unit=Organizational Unit
+ssl.signing-request.organization=Organization
+ssl.signing-request.city=City
+ssl.signing-request.state=State
+ssl.signing-request.country=Country Code
+ssl.signing-request.enter_name=Please enter a valid name.
+ssl.signing-request.enter_ou=Please enter a valid organizational unit.
+ssl.signing-request.enter_o=Please enter a valid organization.
+ssl.signing-request.enter_city=Please enter a valid city.
+ssl.signing-request.enter_state=Please enter a valid state.
+ssl.signing-request.enter_country=Please enter a valid country.
+ssl.signing-request.save=Update information
+ssl.signing-request.requests=Generated Signing Requests
+ssl.signing-request.requests_info=Below you will find the signing requests genereted for those certificates whose \
+  status is 'Pending Verification'. The exact process for sending the signing request to a Certificate \
+  Authority may vary. In general it is a matter of copying the generated signing request and paste it when generating \
+  new certificates in the Certificate Authority website. Certificate Authorities require you to register in their website, \
+  provide information about the company and verify the domain before being able to generate new certificates.
+ssl.signing-request.alias=Alias
+ssl.signing-request.signing-request=Signing Request
+
 # Compression settings Page

 compression.settings.title=\u538b\u7f29\u8bbe\u7f6e

--- a/src/java/org/jivesoftware/util/CertificateManager.java
+++ b/src/java/org/jivesoftware/util/CertificateManager.java
@@ -145,7 +145,7 @@ public class CertificateManager {
     * @throws KeyStoreException
     */
    public static boolean isDSACertificate(X509Certificate certificate) throws KeyStoreException {
-        return certificate.getPublicKey().getAlgorithm().contains("DSA");
+        return certificate.getPublicKey().getAlgorithm().equals("DSA");
    }

    /**
@@ -161,7 +161,7 @@ public class CertificateManager {
        for (Enumeration<String> aliases = ksKeys.aliases(); aliases.hasMoreElements();) {
            X509Certificate certificate = (X509Certificate) ksKeys.getCertificate(aliases.nextElement());
            for (String identity : TLSStreamHandler.getPeerIdentities(certificate)) {
-                if (identity.endsWith(domain) && certificate.getPublicKey().getAlgorithm().contains(algorithm)) {
+                if (identity.endsWith(domain) && certificate.getPublicKey().getAlgorithm().equals(algorithm)) {
                    return true;
                }
            }
@@ -190,7 +190,7 @@ public class CertificateManager {

        PublicKey pubKey = cert.getPublicKey();

-        String signatureAlgorithm = cert.getSigAlgName().contains("DSA") ? "SHA1withDSA" : "MD5withRSA";
+        String signatureAlgorithm = "DSA".equals(pubKey.getAlgorithm()) ? "SHA1withDSA" : "MD5withRSA";

        PKCS10CertificationRequest csr =
                new PKCS10CertificationRequest(signatureAlgorithm, xname, pubKey, null, privKey);

--- a/src/resources/jar/admin-sidebar.xml
+++ b/src/resources/jar/admin-sidebar.xml
@@ -112,6 +112,11 @@
                    url="ssl-settings.jsp"
                    description="${sidebar.server-ssl.descr}" />

+            <!-- SSL Certificates -->
+            <item id="ssl-certificates" name="${sidebar.ssl-certificates}"
+                    url="ssl-certificates.jsp"
+                    description="${sidebar.ssl-certificates.descr}" />
+
            <!-- Compression Settings -->
            <item id="server-compression" name="${sidebar.server-compression}"
                    url="compression-settings.jsp"

--- a/src/security/keystore
+++ b/src/security/keystore
--- a/src/web/ssl-certificates.jsp
+++ b/src/web/ssl-certificates.jsp
@@ -12,6 +12,8 @@
 <%@ page import="java.util.Enumeration" %>
 <%@ page import="java.util.HashMap" %>
 <%@ page import="java.util.Map" %>
+<%@ page import="org.jivesoftware.util.StringUtils" %>
+<%@ page import="java.security.PrivateKey" %>

 <%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
 <%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
@@ -148,6 +150,19 @@
      </table>
      </div><br>

+  <%  } else if (ParamUtils.getBooleanParameter(request,"issuerUpdated")) { %>
+
+      <div class="jive-success">
+      <table cellpadding="0" cellspacing="0" border="0">
+      <tbody>
+          <tr><td class="jive-icon"><img src="images/success-16x16.gif" width="16" height="16" border="0" alt=""></td>
+          <td class="jive-icon-label">
+          <fmt:message key="ssl.certificates.issuer-updated" />
+          </td></tr>
+      </tbody>
+      </table>
+      </div><br>
+
  <%  } else if (ParamUtils.getBooleanParameter(request,"importsuccess")) { %>

      <div class="jive-success">
@@ -235,7 +250,8 @@
  <tbody>

  <% int i = 0;
-      boolean offerSigningRequest = false;
+      boolean offerUpdateIssuer = false;
+      Map<String, String> signingRequests = new HashMap<String, String>();
      for (Enumeration aliases = keyStore.aliases(); aliases.hasMoreElements();) {
          i++;
          String a = (String) aliases.nextElement();
@@ -252,7 +268,12 @@
          // Signing Request pending = not self signed certs whose chain has only 1 cert (the same cert)
          boolean isSigningPending = !isSelfSigned && keyStore.getCertificateChain(a).length == 1;

-          offerSigningRequest = offerSigningRequest || isSelfSigned || isSigningPending;
+          offerUpdateIssuer = offerUpdateIssuer || isSelfSigned || isSigningPending;
+          if (isSigningPending) {
+              // Generate new signing request for certificate
+              PrivateKey privKey = (PrivateKey) keyStore.getKey(a, SSLConfig.getKeyPassword().toCharArray());
+              signingRequests.put(a, CertificateManager.createSigningRequest(c, privKey));
+          }
  %>
      <tr valign="top">
          <td id="rs<%=i%>" width="1" rowspan="1"><%= (i) %>.</td>
@@ -286,7 +307,7 @@
          </td>
          <% } %>
          <td width="2%">
-              <%= c.getSigAlgName() %>
+              <%= c.getPublicKey().getAlgorithm() %>
          </td>
          <td width="1" align="center">
              <a href="ssl-certificates.jsp?alias=<%= a %>&type=server&delete=true"
@@ -318,19 +339,52 @@
  </tbody>
  </table>
  <!-- END 'Installed Certificates' -->
-  <% if (offerSigningRequest) { %>
+  <!-- BEGIN 'Signing request' -->
+  <% if (offerUpdateIssuer || !signingRequests.isEmpty()) { %>
  <br>
  <div class="jive-contentBoxHeader">
      <fmt:message key="ssl.signing-request.title"/>
  </div>
  <div class="jive-contentBox">
+      <% if (offerUpdateIssuer) { %>
      <p>
-          <fmt:message key="ssl.signing-request.introduction">
+          <fmt:message key="ssl.signing-request.offer-issuer-information">
              <fmt:param value="<%= "<a href='ssl-signing-request.jsp'>" %>" />
              <fmt:param value="<%= "</a>" %>" />
          </fmt:message>
      </p>
+      <% } %>
+      <% if (!signingRequests.isEmpty()) { %>
+        <p>
+            <fmt:message key="ssl.signing-request.requests_info"/>
+        </p>
+        <table cellpadding="3" cellspacing="2" border="0">
+            <thead>
+                <tr>
+                    <th>
+                        <fmt:message key="ssl.signing-request.alias" />
+                    </th>
+                    <th>
+                        <fmt:message key="ssl.signing-request.signing-request" />
+                    </th>
+                </tr>
+            </thead>
+            <tbody>
+                <% for (Map.Entry<String, String> entry : signingRequests.entrySet()) { %>
+                <tr>
+                    <td width="1%" valign="top">
+                        <%= entry.getKey() %>
+                    </td>
+                    <td width="99%" >
+                        <%= StringUtils.escapeHTMLTags(entry.getValue()) %>
+                    </td>
+                </tr>
+                <% } %>
+          </tbody>
+          </table>
+      <% } %>
  </div>
  <% } %>
+  <!-- END 'Signing request' -->
  </body>
 </html>
\ No newline at end of file
--- a/src/web/ssl-settings.jsp
+++ b/src/web/ssl-settings.jsp
@@ -13,32 +13,15 @@
                 org.jivesoftware.wildfire.ClientSession,
                 org.jivesoftware.wildfire.Connection,
                 org.jivesoftware.wildfire.ConnectionManager,
-                 org.jivesoftware.wildfire.XMPPServer,
-                 org.jivesoftware.wildfire.net.SSLConfig"
+                 org.jivesoftware.wildfire.XMPPServer"
    errorPage="error.jsp"
 %>
-<%@ page import="org.jivesoftware.wildfire.net.TLSStreamHandler"%>
-<%@ page import="java.io.ByteArrayInputStream"%>
-<%@ page import="java.security.KeyStore"%>
-<%@ page import="java.security.cert.Certificate"%>
-<%@ page import="java.security.cert.CertificateFactory"%>
-<%@ page import="java.security.cert.X509Certificate"%>
-<%@ page import="java.util.Date"%>
-<%@ page import="java.util.Enumeration"%>
-<%@ page import="java.util.HashMap"%>
-<%@ page import="java.util.Map"%>

 <%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
 <%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
 <%  try { %>

 <%  // Get parameters:
-    String type = ParamUtils.getParameter(request, "type");
-    String cert = ParamUtils.getParameter(request, "cert");
-    String alias = ParamUtils.getParameter(request, "alias");
-    boolean install = request.getParameter("install") != null;
-    boolean uninstall = ParamUtils.getBooleanParameter(request,"uninstall");
-
    boolean update = request.getParameter("update") != null;
    boolean success = ParamUtils.getBooleanParameter(request, "success");
    // Client configuration parameters
@@ -50,10 +33,6 @@
    String dialback = ParamUtils.getParameter(request, "dialback");
    String server_tls = ParamUtils.getParameter(request, "server_tls");

-    KeyStore keyStore = SSLConfig.getKeyStore();
-    KeyStore trustStore = SSLConfig.getTrustStore();
-
-    Map<String, Object> errors = new HashMap<String, Object>();
    if (update) {
        if ("req".equals(clientSecurityRequired)) {
            // User selected that security is required
@@ -179,52 +158,6 @@
        dialback = dialbackEnabled ? "available" : "notavailable";
        server_tls = "notavailable";
    }
-
-    if (install) {
-        if (cert == null){
-            errors.put("cert","");
-        }
-        if (alias == null) {
-            errors.put("alias","");
-        }
-        if (errors.size() == 0) {
-            try {
-                CertificateFactory cf = CertificateFactory.getInstance("X.509");
-                Certificate certificate = cf.generateCertificate(new ByteArrayInputStream(cert.getBytes()));
-                if ("client".equals(type)){
-                    trustStore.setCertificateEntry(alias,certificate);
-                }
-                else {
-                    keyStore.setCertificateEntry(alias,certificate);
-                }
-                SSLConfig.saveStores();
-                response.sendRedirect("ssl-settings.jsp?success=true");
-                return;
-            }
-            catch (Exception e) {
-                errors.put("general","");
-            }
-        }
-    }
-    if (uninstall) {
-        if (type != null && alias != null) {
-            try {
-                if ("client".equals(type)){
-                    SSLConfig.getTrustStore().deleteEntry(alias);
-                }
-                else if ("server".equals(type)) {
-                    SSLConfig.getKeyStore().deleteEntry(alias);
-                }
-                SSLConfig.saveStores();
-                response.sendRedirect("ssl-settings.jsp?deletesuccess=true");
-                return;
-            }
-            catch (Exception e) {
-                e.printStackTrace();
-                errors.put("delete", e);
-            }
-        }
-    }
 %>

 <html>
@@ -263,34 +196,6 @@
 			style2.display = mode;
 		}
 	}
-
-	function togglePublicKey(pkLayer, indexLayer)
-	{
-		if (document.getElementById)
-		{
-			// this is the way the standards work
-			var style2 = document.getElementById(pkLayer).style;
-			var certs = document.getElementById(indexLayer);
-			certs.rowSpan = style2.display? 2:1;
-			style2.display = style2.display? "":"none";
-		}
-		else if (document.all)
-		{
-			// this is the way old msie versions work
-			var style2 = document.all[pkLayer].style;
-			var certs = document.all[indexLayer];
-			certs.rowSpan = style2.display? 2:1;
-			style2.display = style2.display? "":"none";
-		}
-		else if (document.layers)
-		{
-			// this is the way nn4 works
-			var style2 = document.layers[pkLayer].style;
-			var certs = document.layers[indexLayer];
-			certs.rowSpan = style2.display? 2:1;
-			style2.display = style2.display? "":"none";
-		}
-	}
 	//-->
 </script>
 </head>
@@ -322,37 +227,6 @@
    </table>
    </div><br>

-<%  } else if (errors.containsKey("delete")) {
-        Exception e = (Exception)errors.get("delete");
-%>
-
-    <div class="jive-error">
-    <table cellpadding="0" cellspacing="0" border="0">
-    <tbody>
-        <tr><td class="jive-icon"><img src="images/error-16x16.gif" width="16" height="16" border="0" alt=""></td>
-        <td class="jive-icon-label">
-        <fmt:message key="ssl.settings.error" />
-        <%  if (e != null && e.getMessage() != null) { %>
-            <fmt:message key="ssl.settings.error_messenge" />: <%= e.getMessage() %>
-        <%  } %>
-        </td></tr>
-    </tbody>
-    </table>
-    </div><br>
-
-<%  } else if (errors.size() > 0) { %>
-
-    <div class="jive-error">
-    <table cellpadding="0" cellspacing="0" border="0">
-    <tbody>
-        <tr><td class="jive-icon"><img src="images/error-16x16.gif" width="16" height="16" border="0" alt=""></td>
-        <td class="jive-icon-label">
-        <fmt:message key="ssl.settings.error_certificate" />
-        </td></tr>
-    </tbody>
-    </table>
-    </div><br>
-
 <%  } %>

 <p>
@@ -530,194 +404,6 @@
 </form>
 <!-- BEGIN 'Server Connection Security' -->

-<br>
-<br>
-
-
-<!-- BEGIN 'Installed Certificates' -->
-<p><b><fmt:message key="ssl.settings.certificate" /></b></p>
-
-<p>
-<fmt:message key="ssl.settings.info" />
-</p>
-
-<table class="jive-table" cellpadding="0" cellspacing="0" border="0" width="100%">
-<thead>
-    <tr>
-        <th width="1%">&nbsp;</th>
-        <th>
-            <fmt:message key="ssl.settings.alias" />
-        </th>
-        <th>
-            <fmt:message key="ssl.settings.expiration" />
-        </th>
-        <th>
-            <fmt:message key="ssl.settings.self-signed" />
-        </th>
-        <th>
-            <fmt:message key="ssl.settings.publickey" />
-        </th>
-        <th width="1%">
-            <fmt:message key="ssl.settings.uninstall" />
-        </th>
-    </tr>
-</thead>
-<tbody>
-
-<%  int i=0;
-    for (Enumeration aliases=keyStore.aliases(); aliases.hasMoreElements();) {
-        i++;
-        String a = (String)aliases.nextElement();
-        X509Certificate c = (X509Certificate) keyStore.getCertificate(a);
-        StringBuffer identities = new StringBuffer();
-        for (String identity : TLSStreamHandler.getPeerIdentities(c)) {
-            identities.append(identity).append(", ");
-        }
-        if (identities.length() > 0) {
-            identities.setLength(identities.length() - 2);
-        }
-%>
-    <tr valign="top">
-        <td id="rs<%=i%>" width="1" rowspan="1"><%= (i) %>.</td>
-        <td>
-            <%= identities.toString() %> (<%= a %>)
-        </td>
-        <td>
-            <% boolean expired = c.getNotAfter().before(new Date());
-               if (expired) { %>
-                <font color="red">
-            <% } %>
-            <%= JiveGlobals.formatDateTime(c.getNotAfter()) %>
-            <% if (expired) { %>
-                </font>
-            <% } %>
-        </td>
-        <td width="1">
-            <% if (c.getSubjectDN().equals(c.getIssuerDN())) { %>
-                <fmt:message key="global.yes" />
-            <% } else { %>
-                <fmt:message key="global.no" />
-            <% } %>
-        </td>
-        <td width="2%">
-            <a href="javascript:togglePublicKey('pk<%=i%>', 'rs<%=i%>');" title="<fmt:message key="ssl.settings.publickey.title" />"><fmt:message key="ssl.settings.publickey.label" /></a>
-        </td>
-        <td width="1" align="center">
-            <a href="ssl-settings.jsp?alias=<%= a %>&type=server&uninstall=true"
-             title="<fmt:message key="ssl.settings.click_uninstall" />"
-             onclick="return confirm('<fmt:message key="ssl.settings.confirm_uninstall" />');"
-             ><img src="images/delete-16x16.gif" width="16" height="16" border="0" alt=""></a>
-        </td>
-    </tr>
-    <tr id="pk<%=i%>" style="display:none">
-        <td colspan="3">
-            <span class="jive-description">
-            <fmt:message key="ssl.settings.key" />
-            </span>
-<textarea cols="40" rows="3" style="width:100%;font-size:8pt;" wrap="virtual">
-<%= c.getPublicKey() %></textarea>
-        </td>
-    </tr>
-
-<%  } %>
-
-<%  if (i==0) { %>
-
-    <tr>
-        <td colspan="4">
-            <p>
-            <fmt:message key="ssl.settings.no_installed" />
-            </p>
-        </td>
-    </tr>
-
-<%  } %>
-
-</tbody>
-</table>
-<!-- END 'Installed Certificates' -->
-
-<br>
-<br>
-
-<!-- BEGIN 'Instal Certificate' -->
-<form action="ssl-settings.jsp" method="post">
-	<div class="jive-contentBoxHeader">
-		<fmt:message key="ssl.settings.install_certificate" />
-	</div>
-	<div class="jive-contentBox">
-		<p>
-		  <fmt:message key="ssl.settings.install_certificate_info" />
-		</p>
-		<table cellpadding="3" cellspacing="0" border="0">
-		<tbody>
-			<%  if (errors.containsKey("alias")) { %>
-				<tr><td>&nbsp;</td>
-					<td>
-						<span class="jive-error-text">
-						<fmt:message key="ssl.settings.enter_alias" />
-						</span>
-					</td>
-				</tr>
-			<%  } else if (errors.containsKey("cert")) { %>
-				<tr><td>&nbsp;</td>
-					<td>
-						<span class="jive-error-text">
-						<fmt:message key="ssl.settings.enter_certificate" />
-						</span>
-					</td>
-				</tr>
-			<%  } else if (errors.containsKey("general")) {
-					String error = (String)errors.get("general");
-			%>
-				<tr><td>&nbsp;</td>
-					<td>
-						<span class="jive-error-text">
-						<fmt:message key="ssl.settings.error_installing" />
-						<%  if (error != null && !"".equals(error.trim())) { %>
-							<fmt:message key="ssl.settings.error_reported" />: <%= error %>.
-						<%  } %>
-						</span>
-					</td>
-				</tr>
-			<%  } %>
-			<tr>
-				<td nowrap width="15%"><fmt:message key="ssl.settings.type" />:</td>
-				<td>
-					<select name="type" size="1">
-						<option value="server"><fmt:message key="ssl.settings.server" /></option>
-						<option value="client"><fmt:message key="ssl.settings.client" /></option>
-					</select>
-				</td>
-			</tr>
-			<tr>
-				<td nowrap><fmt:message key="ssl.settings.alias" />:</td>
-				<td>
-					<input name="alias" type="text" size="50" maxlength="255" value="<%= (alias != null ? alias : "") %>">
-				</td>
-			</tr>
-			<tr valign="top">
-				<td nowrap><fmt:message key="ssl.settings.a_certificate" />:</td>
-				<td>
-					<span class="jive-description">
-					<fmt:message key="ssl.settings.paste_certificate" /><br>
-					</span>
-					<textarea name="cert" cols="55" rows="7" wrap="virtual" style="font-size:8pt;"></textarea>
-				</td>
-			</tr>
-			<tr>
-				<td colspan="2">
-					<br>
-					<input type="submit" name="install" value="<fmt:message key="ssl.settings.add_certificate" />">
-				</td>
-			</tr>
-		</tbody>
-		</table>
-	</div>
-</form>
-<!-- END 'Instal Certificate' -->
-
-
 </body>
 </html>


--- a/src/web/ssl-signing-request.jsp
+++ b/src/web/ssl-signing-request.jsp
@@ -31,18 +31,7 @@
    KeyStore keyStore = SSLConfig.getKeyStore();
    Map<String, Object> errors = new HashMap<String, Object>();

-    Map<String, String> signingRequests = new HashMap<String, String>();
-
-    if (!save) {
-        // Check if we can get the issuer information from another certificate
-        for (Enumeration<String> aliases = keyStore.aliases(); aliases.hasMoreElements();) {
-            X509Certificate certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
-            if (!certificate.getSubjectDN().equals(certificate.getIssuerDN())) {
-                String issuerDN = certificate.getIssuerDN().getName();
-                // TODO Parse the DN and set default values
-            }
-        }
-    } else {
+    if (save) {
        // Verify that fields were completed
        if (name == null) {
            errors.put("name", "");
@@ -73,48 +62,26 @@
                issuerDN.append(", L=").append(city);
                issuerDN.append(", ST=").append(state);
                issuerDN.append(", C=").append(countryCode);
-                // Get list of certs to update
-                Collection<String> aliases;
-                if (ParamUtils.getParameter(request, "update") != null) {
-                    aliases = (Set<String>) session.getAttribute("signing-request");
-                } else {
-                    aliases = new ArrayList<String>();
-                    for (Enumeration<String> certAliases = keyStore.aliases(); certAliases.hasMoreElements();) {
-                        String alias = certAliases.nextElement();
-                        X509Certificate certificate = (X509Certificate) keyStore.getCertificate(alias);
-                        // Self-signed certs are certs generated by Wildfire whose IssueDN equals SubjectDN
-                        boolean isSelfSigned = certificate.getSubjectDN().equals(certificate.getIssuerDN());
-                        // Signing Request pending = not self signed certs whose chain has only 1 cert (the same cert)
-                        boolean isSigningPending = !isSelfSigned && keyStore.getCertificateChain(alias).length == 1;
-                        if (isSelfSigned || isSigningPending) {
-                            aliases.add(alias);
-                        }
-                    }
-                    session.removeAttribute("signing-request");
-                }
                // Update certs with new issuerDN information
-                for (String alias : aliases) {
+                for (Enumeration<String> certAliases = keyStore.aliases(); certAliases.hasMoreElements();) {
+                    String alias = certAliases.nextElement();
                    X509Certificate certificate = (X509Certificate) keyStore.getCertificate(alias);
-                    if (CertificateManager.isDSACertificate(certificate)) {
-                        certificate = CertificateManager
-                                .createDSACert(keyStore, alias, issuerDN.toString(), "cn=" + domain, "*." + domain);
-                    } else {
-                        certificate = CertificateManager
-                                .createRSACert(keyStore, alias, issuerDN.toString(), "cn=" + domain, "*." + domain);
+                    // Self-signed certs are certs generated by Wildfire whose IssueDN equals SubjectDN
+                    boolean isSelfSigned = certificate.getSubjectDN().equals(certificate.getIssuerDN());
+                    // Signing Request pending = not self signed certs whose chain has only 1 cert (the same cert)
+                    boolean isSigningPending = !isSelfSigned && keyStore.getCertificateChain(alias).length == 1;
+                    if (isSelfSigned || isSigningPending) {
+                        if (CertificateManager.isDSACertificate(certificate)) {
+                            CertificateManager.createDSACert(keyStore, alias, issuerDN.toString(), "cn=" + domain, "*." + domain);
+                        } else {
+                            CertificateManager.createRSACert(keyStore, alias, issuerDN.toString(), "cn=" + domain, "*." + domain);
+                        }
                    }
-                    // Generate signing request for new certificate
-                    PrivateKey privKey =
-                            (PrivateKey) keyStore.getKey(alias, SSLConfig.getKeyPassword().toCharArray());
-                    String signingRequest = CertificateManager.createSigningRequest(certificate, privKey);
-                    // Store request in a map for later usage
-                    signingRequests.put(alias, signingRequest);
                }
                // Save keystore
                SSLConfig.saveStores();
-                //response.sendRedirect("ssl-certificates.jsp?success=true");
-                //return;
-                // Save alias of modified certs so we can update them again (in the next submit)
-                session.setAttribute("signing-request", signingRequests.keySet());
+                response.sendRedirect("ssl-certificates.jsp?issuerUpdated=true");
+                return;
            }
            catch (Exception e) {
                e.printStackTrace();
@@ -200,13 +167,9 @@
    </div><br>
 <%  } %>

-<!-- BEGIN 'Install Certificate' -->
+<!-- BEGIN 'Issuer information form' -->
 <form action="ssl-signing-request.jsp" method="post">
    <input type="hidden" name="save" value="true">
-    <%  //Check if we are about to update previous modified certs
-        if (!signingRequests.isEmpty()) { %>
-    <input type="hidden" name="update" value="true">
-    <% } %>
    <div class="jive-contentBoxHeader">
        <fmt:message key="ssl.signing-request.issuer_information"/>
    </div>
@@ -272,42 +235,6 @@
          </table>
      </div>
  </form>
-  <!-- END 'Install Certificate' -->
-
-<% if (!signingRequests.isEmpty()) { %>
-<div class="jive-contentBoxHeader">
-    <fmt:message key="ssl.signing-request.requests"/>
-</div>
-<div class="jive-contentBox">
-    <p>
-        <fmt:message key="ssl.signing-request.requests_info"/>
-    </p>
-    <table cellpadding="3" cellspacing="2" border="0">
-        <thead>
-            <tr>
-                <th>
-                    <fmt:message key="ssl.signing-request.alias" />
-                </th>
-                <th>
-                    <fmt:message key="ssl.signing-request.signing-request" />
-                </th>
-            </tr>
-        </thead>
-        <tbody>
-            <% for (String alias : signingRequests.keySet()) { %>
-            <tr>
-                <td width="1%" valign="top">
-                    <%= alias %>
-                </td>
-                <td width="99%" >
-                    <%= StringUtils.escapeHTMLTags(signingRequests.get(alias)) %>
-                </td>
-            </tr>
-            <% } %>
-      </tbody>
-      </table>
-  </div>
-<% } %>
-
+  <!-- END 'Issuer information form' -->
  </body>
 </html>
\ No newline at end of file