Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Installing SSL certificate on AIX
Operating Systems AIX Installing SSL certificate on AIX Post 302364478 by zaxxon on Friday 23rd of October 2009 07:49:45 AM
Old 10-23-2009
Moved to AIX subforum.

You can use gsk7cmd to store/handle certificates.
There is also ikeyman from the Java SDK:
Code:
root@litterbox:/> lslpp -w `which ikeyman`
  File                                        Fileset               Type
  ----------------------------------------------------------------------------
  /usr/java5_64/jre/bin/ikeyman               Java5_64.sdk          File

I used gsk7cmd it to handle SSL in conjunction with LDAP taken from this Redbook:
IBM Redbooks | Integrating AIX into Heterogeneous LDAP Environments

Checkout the topic about SSL in it maybe.
gsk packages are:

Code:
  gsksa.rte                  7.0.3.3  COMMITTED  AIX Certificate and SSL Base
  gskta.rte                  7.0.3.3  COMMITTED  AIX Certificate and SSL Base

 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Installing an SSL certificate in Blue Quartz

My current SSL certificate is about to expire in a couple days so I got a new one via Godaddy and need to install the new one. My server is running Centos 4.x with Blue quartz as the backend. Now BQ does have an SSL import option via the GUI but I'm not sure what route to take to import the... (1 Reply)
Discussion started by: mcraul
1 Replies

2. Web Development

SSL Certificate Installation problem

Hello everybody Hope somebody can help me I'm trying to install SSL Certificate on Apache/mod_ssl on Linux with Zend for Oracle. I bought and downloaded certificate from certificate from Network Solutions. Than I followed the instructions to the dot. I created a directory for certificate... (2 Replies)
Discussion started by: Trusevich
2 Replies

3. Web Development

SSL certificate

Dear All Anyone know how to issue two different certification on apache virtualhost fyi i have one virtualhost eg 69.192.1.25:443 already signed with verisign how can i configure another virtualhost 69.192.1.25:443 which signing with another certificate which self signing. i search net not... (1 Reply)
Discussion started by: netxus
1 Replies

4. Cybersecurity

SSL certificate

Hi guys. I have some questions about ssl certificates. I looked at SSL providers and saw that they are providing 2 types of certificates: per server or per domain. my server host name is: srv1.example.com I have a smtp, imap, web server on this box. but all services accessed by different... (1 Reply)
Discussion started by: majid.merkava
1 Replies

5. Web Development

export SSL certificate

we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Discussion started by: lhareigh890
1 Replies

6. AIX

Installing Open SSL on AIX 6.1

Hello, I want to install openssl-1.0.1c-1.aix5.1.ppc.rpm on IBM AIX 6.1 server machine and when I try to install the same as : rpm -ivh openssl-1.0.1c-1.aix5.1.ppc.rpmI get the error saying that it needs the following dependencies : error: failed dependencies: ... (2 Replies)
Discussion started by: gaugeta
2 Replies

7. Red Hat

SSL Certificate Renewal on Tomcat

Hi, I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app. Regards, Arumon (1 Reply)
Discussion started by: arumon
1 Replies

8. Cybersecurity

SSL Certificate Stores

Hey everyone, I'm trying to get a lay of the land for OS and Application Certificate Stores. Can someone confirm that I have this concept right? If the application you're using say Firefox has it's own trusted CA store, it uses that exclusively. So if you're running firefox in Windows, Firefox... (4 Replies)
Discussion started by: Lost in Cyberia
4 Replies

9. Web Development

CronJobs issues after SSL certificate

Hello! I had a cron job running on my website, activating a php script every friday. The Php script just activated another photo to add in the gallery. It worked fine until I got an SSL certificate for my website, then everything broke. This was the command before: lynx -source... (0 Replies)
Discussion started by: AGDesign
0 Replies

LEARN ABOUT SUSE

certmgr

Mono(certmgr)															     Mono(certmgr)

NAME

       certmgr - Mono Certificate Manager (CLI version)

SYNOPSIS

       certmgr [action] [object type] [options] store [filename] or certmgr -ssl [options] url

DESCRIPTION

       This tool allow to list, add, remove or extract certificates, certificate revocation lists (CRL) or certificate trust lists (CTL) to/from a
       certificate store. Certificate stores are used to build and validate certificate chains for Authenticode(r) code signing validation and SSL
       server certificates.

ACTIONS

       -list  List the certificates, CTL or CTL in the specified store.

       -add   Add a certificate, CRL or CTL to specified store.

       -del   Remove  a  certificate,  CRL  or CTL from specified store. You must specify the object to be removed with it's hash value (and not a
	      filename). This hash value is shown when doing a -list on the store.

       -put   Copy a certificate, CRL or CTL from a store to a file.

       -ssl   Download and add the certificates from a SSL session. You'll be asked to confirm the addition of every certificate received from the
	      server.  Note  that SSL/TLS protocols do not requires a server to send the root certificate.  This action assume an certificate (-c)
	      object type and will import the certificates in appropriate stores (i.e. server certificate in the OtherPeople store, the root  cer-
	      tificate in the Trust store, any other intermediate certificates in the IntermediateCA store).

OBJECT TYPES

       -c , -cert , -certificate
	      Add, Delete or Put certificates. That is the specified file must/will contains X.509 certificates in DER binary encoding.

       -crl   Add,  Delete or Put certificate revocation lists (CRL). That is the specified file must/will contains X.509 CRL in DER binary encod-
	      ing.

       -ctl   Add, Delete or Put certificate trust lists (CRL). UNSUPPORTED.

OPTIONS

       -m     Use the machine's certificate stores (instead of the default user's stores).

       -v     More details displayed on the console.

       -help , -h , -? , /?
	      Display help about this tool.

FILES

       WARNING: This details the current behavior of Mono and could change between releases.  The only	safe  way  to  interact  with  certificate
       stores  is  to  use  the  certmgr  tool.  The current releases of Mono keeps all the user certificate stores in separates directories under
       ~/.config/.mono/certs/

       For example the trusted root certificates for a user would be kept under
	      ~/.config/.mono/certs/Trust/

       Certificates files are kept in DER (binary) format (extension .cer).

       The filenames either starts with
	      tbp (thumbprint) or ski (subject key identifier).

       The rest of the filename is the base64-encoded value (tbp or ski).

EXAMPLES

       mono certmgr.exe -list -c -m Trust
	      List all certificates in the machine Trust store. This will display the hash value for each certificate. This value can be  used	to
	      identify uniquely a certificate for some operations (e.g. delete). E.g.  Unique Hash: FFA3AC0084DA1673B5A031EBB2156B3E8FBBF6D8

       mono certmgr.exe -del -c -m Trust FFA3AC0084DA1673B5A031EBB2156B3E8FBBF6D8
	      Remove  the  certificate,  represented  by  the  hash  value,  from the machine Trust store. Note that the machine store is normally
	      restricted. The following error message will appear if the current user doesn't have the minimum access rights to  remove  the  cer-
	      tificate: Access to the machine 'Trust' certificate store has been denied.

       certmgr -ssl https://www.verisign.com
	      Import   certificates  from  www.verisign.com  used  for	HTTP  over  SSL.  See  KNOWN  ISSUES  (MD2)  if  you're  downloading  from
	      www.verisign.com.

       certmgr -ssl ldaps://www.nldap.com:636
	      Import the certificates from www.nldap.com used for secure LDAP. This works even if we don't know how to speak LDAP because we  stop
	      the communication shortly after the SSL handshake (which gives us the certificate).

KNOWN ISSUES

       MD2    Some Certificate Authorities (CA) old root certificates use the MD2 hash algorithm. MD2 is old enough not to be part of the standard
	      .NET framework.  This makes it impossible to validate a digital signature made with MD2. For this reason	MD2  is  included  in  the
	      Mono.Security.dll assembly. However the machine.config file must be updated so the OID for MD2 is known at runtime.

	      To correct this insert the following XML snippet inside the <configuration> element of your machine.config file.
		<mscorlib>
		  <cryptographySettings>
		    <cryptoNameMapping>
		      <cryptoClasses>
			<cryptoClass  monoMD2="Mono.Security.Cryptography.MD2Managed, Mono.Security, Version=1.0.5000.0, Culture=neutral, PublicK-
	      eyToken=0738eb9f132ed756" />
		      </cryptoClasses>
		      <nameEntry name="MD2" class="monoMD2" />
		    </cryptoNameMapping>
		    <oidMap>
		      <oidEntry OID="1.2.840.113549.2.2" name="MD2" />
		    </oidMap>
		  </cryptographySettings>
		</mscorlib>

AUTHOR

       Written by Sebastien Pouliot

COPYRIGHT

       Copyright (C) 2004-2005 Novell.

MAILING LISTS

       Visit http://lists.ximian.com/mailman/listinfo/mono-list for details.

WEB SITE

       Visit http://www.mono-project.com for details

SEE ALSO

       makecert(1),setreg(1)

																     Mono(certmgr)
All times are GMT -4. The time now is 02:50 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy