lssystemcertstore
Use the lssystemcertstore command to display the certificates installed on the system, categorized by use case.
Syntax
Parameters
- id | scope
- (Optional) Specifies the ID or scope of the use case for which certificate is configured. The id
and scope values are enumerated as follows:
- 0: default
- 1: keyserver
- 3: internal_communication
When you use this parameter, the detailed view of the use case-specific certificate is returned. If you do not specify the id or scope parameter, then the concise view of all the use case specific certificates is displayed.
Description
This command returns a concise list or a detailed view of use case-specific certificates installed on the system
Table 1 provides attribute values that can be
displayed as output view data.
| Attribute | Possible Values |
|---|---|
| id | Indicates the ID of the use case for which the certificate is used. |
| scope | Indicates the scope for which the certificate is used. |
| certificate_id | Indicates the unique identifier for the certificate. |
| type | Indicates the certificate type. The values can be
self_signed, system_signed, and
externally_signed. |
| certificate_status | Indicates the status of certificate. The values can be:
The status install_pending indicates that only certificate signing request is generated for the use case and certificate is yet to be installed. |
| content_status | Indicates the status of certificate content. Values can be:
|
| valid_until | Indicates the last date of certificate validity. The value is in format YYMMDDHHMMSS. |
| outstanding_request | Indicates if any certificate signing request is pending. |
| auto_renew | Indicates if the certificate is configured for automatic renewal before it expires. |
| certificate | Indicates a readable version of the current SSL certificate. |
| certificate_export | Indicates an encoded version of the SSL certificate. |
| certificate_chain | Indicates the subject distinguished name, and issuer distinguished name of each certificate in the chain. If using a self-signed certificate (or a single signed certificate with no CA certificates installed) then the certificate_chain field will show only one certificate. |
