Storing a certificate authority certificate
This topic describes how to store a certificate from a certificate authority (CA) that is not a trusted CA.
Procedure
To store a certificate from a CA that is not a trusted
CA, use the following command:
install_root/bin/gskcmd -cert -add -db filename [-pw password | -stashed]
-label label -format ascii | binary -trust enable | disable
-file filename
where:- -add specifies an add action.
- -cert indicates the operation applies to a certificate.
- -db <filename> is the name of the database.
- -file <filename> specifies the file containing the CA certificate.
- -format <ascii | binary> indicates the certificate authorities might supply a binary or an ASCII file.
- -label <label> is the label attached to a certificate or certificate request.
- -pw <password> is the password to access the key database.
- -stashed indicates that the password for the key database should be recovered from the stash file.
- -trust <enable | disable> indicates whether this CA can be trusted. The default is enable and indicates that the CA can be trusted.