chtruststore
Use the chtruststore command to manage the certificate store and append additional certificates.
Syntax
Parameters
- -file file_path
- (Optional) Specifies the location of the file to import the certificates to append those already
in the store.Note: You cannot append the certificates on the truststore with object ID
0
. - -name truststore_name
- (Optional) Specifies a new name for the certificate store.Note: You cannot change the name of the truststore with object ID
0
. - -restapi on | off
- (Optional) Specifies the certificates in the store are for use by the REST API. Values
can be on or off.Note: You cannot enable this parameter on the truststore with object ID
0
. - -ipsec on | off
- (Optional) Specifies the certificates in the store are for use by the IPsec service. Values can
be on or off.Note: You cannot enable this parameter on the truststore with object ID
0
. - -email on | off
- (Optional) Specifies the certificates in the store are used to validate the email
server. Values can be on or off.Note: You can enable this parameter on the truststore with object ID
0
. - -snmp on | off
- (Optional) Specifies the certificates in the store are used to validate the SNMP servers. Value can be on or off. Default is set to off.
- -export
- (Optional) Exports the specified truststore to /dumps/truststore.pem on the configuration node.
- object_id | object_name
- (Required) Specifies the ID or name of the store to manage.
- -syslog on | off
- (Optional) Specifies the certificates to be bundled and provided to rsyslog client for making TLS connections. Values can be on or off.
An invocation example
chtruststore -file /tmp/certificate-bundle.pem 1
The resulting output:
No feedback.