chtruststore

Use the chtruststore command to manage the certificate store and append additional certificates.

Syntax

Read syntax diagramSkip visual syntax diagram chtruststore -filefile_path-nametruststore_name-restapion | off-ipsecon | off-emailon | off-exportobject_idobject_name-snmpon | off-syslogon | off

Parameters

-file file_path
(Optional) Specifies the location of the file to import the certificates to append those already in the store.
Note: You cannot append the certificates on the truststore with object ID 0.
-name truststore_name
(Optional) Specifies a new name for the certificate store.
Note: You cannot change the name of the truststore with object ID 0.
-restapi on | off
(Optional) Specifies the certificates in the store are for use by the REST API. Values can be on or off.
Note: You cannot enable this parameter on the truststore with object ID 0.
-ipsec on | off
(Optional) Specifies the certificates in the store are for use by the IPsec service. Values can be on or off.
Note: You cannot enable this parameter on the truststore with object ID 0.
-email on | off
(Optional) Specifies the certificates in the store are used to validate the email server. Values can be on or off.
Note: You can enable this parameter on the truststore with object ID 0.
-snmp on | off
(Optional) Specifies the certificates in the store are used to validate the SNMP servers. Value can be on or off. Default is set to off.
-export
(Optional) Exports the specified truststore to /dumps/truststore.pem on the configuration node.
object_id | object_name
(Required) Specifies the ID or name of the store to manage.
-syslog on | off
(Optional) Specifies the certificates to be bundled and provided to rsyslog client for making TLS connections. Values can be on or off.

An invocation example

chtruststore -file /tmp/certificate-bundle.pem 1

The resulting output:

No feedback.