10-23-2009
As I said you should have a look into the SSL part of the Redbook I linked. Basically you have to create a SSL keystore/DB 1st, then you import your certificates etc.
---------- Post updated at 02:46 PM ---------- Previous update was at 02:38 PM ----------
Ah misread - your command seems incomplete. I only know it by that way that you tell the command the path to your SSL keystore/DB and usually have to supply a password to access it.
But that's also in the Redbook ^^
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
My current SSL certificate is about to expire in a couple days so I got a new one via Godaddy and need to install the new one. My server is running Centos 4.x with Blue quartz as the backend. Now BQ does have an SSL import option via the GUI but I'm not sure what route to take to import the... (1 Reply)
Discussion started by: mcraul
1 Replies
2. Web Development
Hello everybody
Hope somebody can help me
I'm trying to install SSL Certificate on Apache/mod_ssl on Linux with Zend for Oracle.
I bought and downloaded certificate from certificate from Network Solutions. Than I followed the instructions to the dot.
I created a directory for certificate... (2 Replies)
Discussion started by: Trusevich
2 Replies
3. Web Development
Dear All
Anyone know how to issue two different certification on apache virtualhost fyi i have one virtualhost eg 69.192.1.25:443 already signed with verisign how can i configure another virtualhost 69.192.1.25:443 which signing with another certificate which self signing. i search net not... (1 Reply)
Discussion started by: netxus
1 Replies
4. Cybersecurity
Hi guys.
I have some questions about ssl certificates.
I looked at SSL providers and saw that they are providing 2 types of certificates: per server or per domain.
my server host name is: srv1.example.com
I have a smtp, imap, web server on this box. but all services accessed by different... (1 Reply)
Discussion started by: majid.merkava
1 Replies
5. Web Development
we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Discussion started by: lhareigh890
1 Replies
6. AIX
Hello,
I want to install openssl-1.0.1c-1.aix5.1.ppc.rpm on IBM AIX 6.1 server machine and when I try to install the same as : rpm -ivh openssl-1.0.1c-1.aix5.1.ppc.rpmI get the error saying that it needs the following dependencies :
error: failed dependencies:
... (2 Replies)
Discussion started by: gaugeta
2 Replies
7. Red Hat
Hi,
I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app.
Regards,
Arumon (1 Reply)
Discussion started by: arumon
1 Replies
8. Cybersecurity
Hey everyone, I'm trying to get a lay of the land for OS and Application Certificate Stores. Can someone confirm that I have this concept right?
If the application you're using say Firefox has it's own trusted CA store, it uses that exclusively. So if you're running firefox in Windows, Firefox... (4 Replies)
Discussion started by: Lost in Cyberia
4 Replies
9. Web Development
Hello!
I had a cron job running on my website, activating a php script every friday. The Php script just activated another photo to add in the gallery. It worked fine until I got an SSL certificate for my website, then everything broke.
This was the command before:
lynx -source... (0 Replies)
Discussion started by: AGDesign
0 Replies
LEARN ABOUT DEBIAN
yhsm-keystore-unlock
yhsm-keystore-unlock(1) General Commands Manual yhsm-keystore-unlock(1)
NAME
yhsm-keystore-unlock - Unlock the keystore in a YubiHSM
SYNOPSIS
yhsm-keystore-unlock [options]
DESCRIPTION
In versions of the YubiHSM before 1.0, the YubiHSM could be protected using a 'HSM password'. The YubiHSM would unlock it's cryptographic
functions if the correct password was given, but it was a simple comparision test.
In YubiHSM 1.0, the password was changed into an actual key that was used to decrypt the contents of the YubiHSM internal key store, which
was then AES-256 encrypted using the new 'Master key' when stored in the device.
In YubiHSM 1.0, the option to also require an YubiKey OTP to unlock the keystore was also added. One or more 'Admin YubiKeys' can be con-
figured in the YubiHSM, and an OTP from one of these must also be provided before the YubiHSM will enable it's cryptographic functions.
The OTP is simply validated against the non-encrypted internal database (not key store) in the YubiHSM though, but together with a 'Master
key' not stored on the server with the YubiHSM, it provides enhanced security by being a second factor that an attacker can't just inter-
cept even if the server is compromised.
OPTIONS
-D, --device
device file name (default: /dev/ttyACM0).
-v, --verbose
enable verbose operation.
--debug
enable debug printout, including all data sent to/from YubiHSM.
--no-otp
skip the prompt for an OTP. For use by scripts where no OTP is required and the Master Key is stored on the server with the YubiHSM.
--stdin
read password and/or OTP from stdin rather than prompting for them. Python prompts does not accept piped input, so this option have
to be used to unlock the YubiHSM from a script for example.
EXIT STATUS
0 YubiHSM keystore successfully unlocked.
1 Failed to unlock keystore.
BUGS
Report python-pyhsm/yhsm-keystore-unlock bugs in the issue tracker <https://github.com/Yubico/python-pyhsm/issues/>
SEE ALSO
The python-pyhsm home page <https://github.com/Yubico/python-pyhsm/>
YubiHSMs can be obtained from Yubico <http://www.yubico.com/>.
python-pyhsm December 2011 yhsm-keystore-unlock(1)