|
|
|
The smkeytool command-line utility allows you to populate and manage the key database. This tool is installed with the Policy Server.
Use smkeytool to:
You can only have one key database per Policy Server. After the database is created, you can add keys and certificates.
Note: smkeytool relies on values in the smkeydatabase.properties file. Ensure that this file is properly configured before running smkeytool.
smkeytool is located in the following directory:
Run the smkeytool utility from a command line, using the following syntax:
UNIX:
smkeytool.sh option [argument(s)]
Windows:
smkeytool.bat option [argument(s)]
The options and arguments are described in the following table.
|
Option |
Arguments |
Function |
|---|---|---|
|
-createDB or -cdb
|
<password> |
Creates an empty key database to store keys and certificates. The specified password is encrypted using the policy store key and added to the smkeydatabase.properties file. |
|
-deleteDB or -ddb |
None |
Deletes the key database specified in the smkeydatabase.properties file. |
|
-addPrivKey or -apk |
<private_key_filepath> <x.509_certificate_filepath> <password> |
Adds the specified private key and corresponding certificate file to the key database. Note that <password> is the password used to encrypt the private key file being loaded, not the one associated with the key database. |
|
-deletePrivKey or -dpk |
<x.509_certificate_filepath> |
Deletes the private key entry from the key database based on the specified certificate. |
|
-addCert or -ac |
<x.509_certificate_filepath> |
Adds a certificate to the key database. |
|
-deleteCert or -dc |
<x.509_certificate_filepath> |
Deletes a certificate from the key database based on the specified certificate. |
|
-listCerts or -lc
|
None |
Lists the issuer/subject name (DN) and serial number of all the certificates stored in key database. |
|
-help or -h |
None |
Lists smkeytool usage information. |
Smkeytool Examples
UNIX:
smkeytool.sh –cdb password
Windows:
smkeytool.bat –cdb password
UNIX:
smkeytool.sh –apk /opt/netegrity/webagent/certs/samplePrivKey.pkcs8 /opt/netegrity/webagent/certs/sampleRobm.cer passphrase
Windows:
smkeytool.bat –apk "c:\program files\netegrity\webagent\certs\samplePrivKey.pkcs8" "C:\program files\netegrity\webagent\certs\sampleRobm.cer" passphrase
UNIX:
smkeytool.sh –ac /opt/netegrity/webagent/certs/sampleCARoot.cer
Windows:
smkeytool.bat –ac "c:\program files\netegrity\webagent\certs\sampleCARoot.cer"
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |