Server certificates should be added to the certificate list by calling NPKICertificateList, and then stored by a calling NPKIStoreServerCertificatesFromCertificateList.
IMPORTANT:During creation of server certificates, if the key-generation server is the same as the CA server, you should not store the certificates.
After a successful call to NPKICreateServerCertificate in a multiserver environment, the certificates need to be stored as follows:
NPKICertificateList—using the clear flag to delete all old certificates from the list
NPKICertInfo—to get the server certificate that was just created by the successful call to NPKICreateServerCertificate
NPKICertificateList—using the add flag to add the server certificate to the list
NPKIGetCACertificates—to get the CA’s self-signed certificate
NPKICertificateList—using the add flag ORed with the sort flag to add the CA’s certificate and to sort the list
NPKIStoreServerCertificatesFromCertificateList—to store the certificate list
For a sample implementation of this task, see CreateServerCert .